Unrated severity · NVD Advisory · Published Apr 15, 2024 · Updated Aug 2, 2024
iTop vulnerable to XSS in dashlet modifications ajax endpoints
CVE-2023-44396
Description
iTop is an IT service management platform. The AJAX endpoints used for dashlet edits can be used to produce cross-site scripting (XSS). Fixed in iTop 2.7.10, 3.0.4, and 3.1.1.
Affected products (1)
Patches (0)
No patches discovered yet.
References (3)
- github.com/Combodo/iTop/commit/9df92665e08c4bf5d4d8a5a9fe21fd3fb26fb273 (mitre, x_refsource_MISC)
- github.com/Combodo/iTop/commit/c72cb7e70ebf469ce0ec01f5f9b524e39afe6c7f (mitre, x_refsource_MISC)
- github.com/Combodo/iTop/security/advisories/GHSA-gqqj-jgh6-3x35 (mitre, x_refsource_CONFIRM)