We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
By modifying target browser local storage, an XSS can be generated in the iTop console breadcrumb.
Fixed in 2.7.2 and 3.0.0
Many thanks to Cyblex Technologies (Clément Speybrouck, Antoine Vacher) for this report !
Combodo ref N°3332
If you have any questions or comments about this advisory: Email us at itop-security@combodo.com
tigre-bleu Analyst
Impact
By modifying target browser local storage, an XSS can be generated in the iTop console breadcrumb.
Patches
Fixed in 2.7.2 and 3.0.0
Credits
Many thanks to Cyblex Technologies (Clément Speybrouck, Antoine Vacher) for this report !
References
Combodo ref N°3332
For more information
If you have any questions or comments about this advisory:
Email us at itop-security@combodo.com