In iTop through 2.6.0, an XSS payload can be delivered in certain fields (such as icon) of the XML file used to build the dashboard. This is similar to CVE-2015-6544 (which is only about the dashboard title). Reference:

Created itop tracking bugs for this issue: Affects: fedora-all [

This CVE….



Source link

Write a comment:
*

Your email address will not be published.