CVE-2023-43790 | Combodo iTop up to 3.1.0 HTTP Query friendlyname cross site scripting (GHSA-96xm-p83r-hm97)

Posted by Angelo Barbosa | Apr 15, 2024 | CVE

A vulnerability was found in Combodo iTop up to 3.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Query Handler. The manipulation of the argument friendlyname leads to cross site scripting.

This vulnerability is handled as CVE-2023-43790. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-43790 | Combodo iTop up to 3.1.0 HTTP Query friendlyname cross site scripting (GHSA-96xm-p83r-hm97)

Related Posts

CVE-2023-6297 | PHPGurukul Nipah Virus Testing Management System 1.0 Search Report Page patient-search-report.php Search By Patient Name cross site scripting

CVE-2023-46174 | IBM InfoSphere Information Server 11.7 Web UI cross site scripting (XFDB-269506)

CVE-2024-2678 | Campcodes Online Job Finder System 1.0 controller.php JOBREGID sql injection

CVE-2024-3107 | Spectra Plugin up to 2.12.6 on WordPress path traversal