Unrated severityNVD Advisory· Published Apr 15, 2024· Updated Aug 2, 2024
iTop vulnerable to XSS in dashlet modifications ajax endpoints
CVE-2023-44396
Description
iTop is an IT service management platform. Dashlet edits ajax endpoints can be used to produce XSS. Fixed in iTop 2.7.10, 3.0.4, and 3.1.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/Combodo/iTop/commit/9df92665e08c4bf5d4d8a5a9fe21fd3fb26fb273mitrex_refsource_MISC
- github.com/Combodo/iTop/commit/c72cb7e70ebf469ce0ec01f5f9b524e39afe6c7fmitrex_refsource_MISC
- github.com/Combodo/iTop/security/advisories/GHSA-gqqj-jgh6-3x35mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.