We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
The shortcut title is not sanitized correctly, and could be used for XSS injection.
Many thanks to TheNerdOne for his report !
Combodo ref N°2853 https://sourceforge.net/p/itop/tickets/1846/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11696
If you have any questions or comments about this advisory: Email us at itop-security@combodo.com
Impact
The shortcut title is not sanitized correctly, and could be used for XSS injection.
Patches
Credits
Many thanks to TheNerdOne for his report !
References
Combodo ref N°2853
https://sourceforge.net/p/itop/tickets/1846/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11696
For more information
If you have any questions or comments about this advisory:
Email us at itop-security@combodo.com