CVE-2020-13484

Published: Jun 24, 2020Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta name="og:image" content="' followed by an intranet URL.

Affected (1)

Products: Bitrix24: Bitrix24

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Bitrix24 Bitrix24	Up to 20.0.975

Related CWEs

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (2)

https://gist.github.com/mariuszpoplwski/f261a4bc06adde5c78760559db9d63bd

Source: cve@mitre.org

ExploitThird Party Advisory

https://gist.github.com/mariuszpoplwski/f261a4bc06adde5c78760559db9d63bd

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.