PT-2011-4922 · Comodo · Itop

Publicado

2011-11-26

·

Atualizado

2018-10-09

·

CVE-2011-4275

CVSS v2.0

4.3

Média

VetorAV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions iTop versions 1.1.181 through 1.2.0-RC-282
Description The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting (XSS) attacks. This can be achieved through various means, including:
  • a crafted company name,
  • a crafted database server name,
  • a crafted CSV file,
  • a crafted copy-and-paste action,
  • the auth user parameter in a suggest pwd action to "UI.php",
  • the c[menu] parameter to "UniversalSearch.php",
  • the description parameter in a SearchFormToAdd document list action to "UI.php",
  • the category parameter in an errors action to "audit.php",
  • or the suggest pwd parameter to "UI.php".
Recommendations For iTop versions 1.1.181 through 1.2.0-RC-282, consider disabling the vulnerable parameters, such as auth user, c[menu], description, category, and suggest pwd, until a patch is available. Restrict access to the affected PHP files, including "UI.php", "UniversalSearch.php", and "audit.php", to minimize the risk of exploitation. Avoid using crafted company names, database server names, CSV files, and copy-and-paste actions in the affected versions.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2011-4275

Produtos afetados

Itop