VYPR
Unrated severityNVD Advisory· Published Nov 7, 2024· Updated Nov 7, 2024

Cross-site Scripting in portal picture upload in Combodo iTop

CVE-2024-51994

Description

Combodo iTop is a web based IT Service Management tool. In affected versions uploading a text file containing some java script in the portal will trigger an Cross-site Scripting (XSS) vulnerability. This issue has been addressed in version 3.2.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Combodo/Itopllm-fuzzy2 versions
    <3.2.0+ 1 more
    • (no CPE)range: <3.2.0
    • (no CPE)range: < 3.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.