6 matches found
Combodo iTop <2.2.0-2459 - Cross-Site Scripting
Combodo iTop before 2.2.0-2459 contains a cross-site scripting vulnerability in application/dashboard.class.inc.php which allows remote attackers to inject arbitrary web script or HTML via a dashboard title. id: CVE-2015-6544 info: name: Combodo iTop 2.2.0-2459 - Cross-Site Scripting author:...
CVE-2019-13966
In iTop through 2.6.0, an XSS payload can be delivered in certain fields such as icon of the XML file used to build the dashboard. This is similar to CVE-2015-6544 which is only about the dashboard title...
CVE-2015-6544
Cross-site scripting XSS vulnerability in application/dashboard.class.inc.php in Combodo iTop before 2.2.0-2459 allows remote attackers to inject arbitrary web script or HTML via a dashboard title...
CVE-2015-6544
CVE-2015-6544 affects Combodo iTop
iTop 2.1.0-2127 Cross Site Scripting Vulnerability
iTop version 2.1.0-2127 suffers from a cross site scripting vulnerability. Product: iTop Vendor: Combodo SARL Vulnerable Versions: 2.1.0-2127 and probably prior Tested Version: 2.1.0-2127 Advisory Publication: July 29, 2015 without technical details Vendor Notification: July 29, 2015 Vendor Patch...
iTop 2.1.0-2127 Cross Site Scripting
Advisory ID: HTB23268 Product: iTop Vendor: Combodo SARL Vulnerable Versions: 2.1.0-2127 and probably prior Tested Version: 2.1.0-2127 Advisory Publication: July 29, 2015 without technical details Vendor Notification: July 29, 2015 Vendor Patch: July 30, 2015 Public Disclosure: September 23, 2015...