High severity8.8NVD Advisory· Published Nov 1, 2023· Updated Jun 17, 2026
CVE-2023-1714
CVE-2023-1714
Description
Unsafe variable extraction in bitrix/modules/main/classes/general/user_options.php in Bitrix24 22.0.300 allows remote authenticated attackers to execute arbitrary code via (1) appending arbitrary content to existing PHP files or (2) PHAR deserialization.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- starlabs.sg/advisories/23/23-1714/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.