4 matches found
EUVD-2019-5230
Malware in sbrugna...
CVE-2019-13965
Because of a lack of sanitization around error messages, multiple Reflective XSS issues exist in iTop through 2.6.0 via the paramfile parameter to webservices/export.php, webservices/cron.php, or env-production/itop-backup/backup.php. By default, any XSS sent to the administrator can be transform...
Cross site scripting
Because of a lack of sanitization around error messages, multiple Reflective XSS issues exist in iTop through 2.6.0 via the paramfile parameter to webservices/export.php, webservices/cron.php, or env-production/itop-backup/backup.php. By default, any XSS sent to the administrator can be transform...
CVE-2019-13965
CVE-2019-13965 affects iTop up to 2.6.0, with Reflective XSS via the param_file parameter to webservices/export.php, webservices/cron.php, or env-production/itop-backup/backup.php. The root cause is lack of sanitization around error messages, enabling XSS to reach an administrator; this can, per ...