CVE-2024-56157 iTop vulnerable to Self XSS in CSV Import
iTop is a web-based IT Service Management tool. Prior to versions 3.1.3 and 3.2.1, malicious code placed in CSV content can trigger a cross-site scripting attack when that content is imported. The issue is fixed in versions 3.1.3 and 3.2.1. As a workaround, check CSV content before...
PT-2025-21169 · Itop · Itop
Name of the Vulnerable Software and Affected Versions: iTop versions prior to 3.1.3 and 3.2.1. Description: The issue allows a cross-site scripting attack to be performed when importing malicious CSV content. This can be done by filling malicious code in a CSV content. The estimated number of...
CVE-2024-31448
CVE-2024-31448 is a Cross-site Scripting (XSS) vulnerability in Combodo iTop triggered by malicious CSV content during import. Affected software is Combodo iTop (web-based IT Service Management). The issue is fixed in versions 3.1.2 and 3.2.0; users should upgrade to one of these versions or late...
CVE-2022-47163
Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database – Insert CSV file content into WordPress plugin = 2.6 versions...
IBM Planning Analytics Injection Vulnerability
IBM Planning Analytics is a business planning and analysis solution from IBM Corporation. The solution supports automated execution of business planning, budgeting, and analysis processes. IBM Planning Analytics has a security vulnerability that stems from incorrect validation of CSV file content...