Dmitry Lymbin

1 exploit Active since Jan 2023
CVE-2022-43959 NOMISEC MEDIUM WRITEUP
1C-Bitrix Bitrix24 <22.200.200 - Info Disclosure
Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php.
4 stars
CVSS 4.9