3 matches found
CVE-2023-47489
CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components...
CVE-2023-47489
CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components...
CVE-2023-47489
Combodo iTop vulnerable to CSV injection in export as CSV (export-v2.php and ajax.render.php) for version 3.1.0-2-11973. A crafted CSV export script can allow a local attacker to execute arbitrary code. Root cause is described as CSV injection via the export pipeline; some sources also cite a rel...