Lucene search
CVE-2015-6544
CVE-2015-6544 Cross-site scripting vulnerability in Combodo iTop before 2.2.0-245
Show more
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | iTop 2.1.0-2127 Cross Site Scripting Vulnerability | 24 Sep 201500:00 | – | zdt |
 | Reflected Cross-Site Scripting (XSS) in iTop | 26 Oct 201500:00 | – | securityvulns |
| Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | 26 Oct 201500:00 | – | securityvulns |
 | Reflected Cross-Site Scripting (XSS) in iTop | 29 Jul 201500:00 | – | htbridge |
 | iTop 2.1.0-2127 Cross Site Scripting | 23 Sep 201500:00 | – | packetstorm |
 | CVE-2015-6544 | 20 Feb 201820:00 | – | cvelist |
| CVE-2019-13966 | 14 Feb 202021:02 | – | cvelist |
 | Cross site scripting | 20 Feb 201820:29 | – | prion |
| Design/Logic Flaw | 14 Feb 202022:15 | – | prion |
 | Combodo iTop <2.2.0-2459 - Cross-Site Scripting | 28 Jul 202101:01 | – | nuclei |
10
| Source | Link |
|---|---|
| sourceforge | www.sourceforge.net/p/itop/code/3662/ |
| sourceforge | www.sourceforge.net/p/itop/tickets/1114/ |
| htbridge | www.htbridge.com/advisory/HTB23268 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| operation | query param | /pages/ajax.render.php | Cross-Site Scripting (XSS) vulnerability due to insufficient filtration of input-data passed through the 'title' parameter. | CWE-79 |
| dashboard_id | query param | /pages/ajax.render.php | Cross-Site Scripting (XSS) vulnerability due to insufficient filtration of input-data passed through the 'title' parameter. | CWE-79 |
| layout_class | query param | /pages/ajax.render.php | Cross-Site Scripting (XSS) vulnerability due to insufficient filtration of input-data passed through the 'title' parameter. | CWE-79 |
| title | query param | /pages/ajax.render.php | Cross-Site Scripting (XSS) vulnerability due to insufficient filtration of input-data passed through the 'title' parameter. | CWE-79 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo20 Feb 2018 20:29Current
5.8Medium risk
Vulners AI Score5.8
CVSS24.3
CVSS36.1
EPSS0.00468