We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
The dashboard id is not sanitized correctly, and could be used for XSS injection.
Many thanks to TheNerdOne for his report !
Combodo ref N°2853 https://sourceforge.net/p/itop/tickets/1846/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11697
If you have any questions or comments about this advisory: Email us at itop-security@combodo.com
Impact
The dashboard id is not sanitized correctly, and could be used for XSS injection.
Patches
Credits
Many thanks to TheNerdOne for his report !
References
Combodo ref N°2853
https://sourceforge.net/p/itop/tickets/1846/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11697
For more information
If you have any questions or comments about this advisory:
Email us at itop-security@combodo.com