CVE-2023-44396 | Combodo iTop up to 2.7.9/3.0.3/3.1.0 Dashlet Edits Ajax Endpoint cross site scripting

Posted by Angelo Barbosa | Apr 15, 2024 | CVE

A vulnerability was found in Combodo iTop up to 2.7.9/3.0.3/3.1.0. It has been classified as problematic. This affects an unknown part of the component Dashlet Edits Ajax Endpoint. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2023-44396. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-44396 | Combodo iTop up to 2.7.9/3.0.3/3.1.0 Dashlet Edits Ajax Endpoint cross site scripting

Related Posts

CVE-2024-20027 | MediaTek MT8512 Da out-of-bounds write (ALPS08541632)

CVE-2024-28968 | Dell Secure Connect Gateway-Application prior 5.24.00.00 Collection Settings REST API access control (dsa-2024-181)

CVE-2024-34058 | Nethesis NethServer 7/8 cross site scripting

CVE-2024-28584 | FreeImage 3.19.0 r1909 J2K Image J2KImageToFIBITMAP null pointer dereference