PT-2011-4922 · Comodo · Itop

Published: 2011-11-26 · Updated: 2018-10-09 · CVE-2011-4275

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions: iTop versions 1.1.181 through 1.2.0-RC-282

Description: The issue allows remote attackers to inject arbitrary web script or HTML, leading to cross-site scripting (XSS). The injection can be achieved through several vectors, including:
  • a crafted company name,
  • a crafted database server name,
  • a crafted CSV file,
  • a crafted copy-and-paste action,
  • the auth_user parameter in a suggest_pwd action to "UI.php",
  • the c[menu] parameter to "UniversalSearch.php",
  • the description parameter in a SearchFormToAdd document list action to "UI.php",
  • the category parameter in an errors action to "audit.php",
  • or the suggest_pwd parameter to "UI.php".

Recommendations: For iTop versions 1.1.181 through 1.2.0-RC-282, consider disabling the vulnerable parameters (auth_user, c[menu], description, category and suggest_pwd) until a patch is available. Restrict access to the affected PHP files, "UI.php", "UniversalSearch.php" and "audit.php", to minimize the risk of exploitation. Avoid using crafted company names, database server names, CSV files and copy-and-paste actions in the affected versions.
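All nine vectors above share one root cause: a user-supplied value (a request parameter such as c[menu] or category, or an imported CSV column such as a company name) is written into an HTML page without encoding. The following is an added illustration of the fix pattern, not iTop's own code; the function names, the field names and the CSV sample are constructed for the example. It shows the same untrusted CSV field rendered raw and rendered through context-aware HTML encoding, plus an allowlist check of the kind that would apply to an identifier-style parameter such as c[menu].

```php
<?php
// Constructed example (not iTop's code): render a company name that arrived
// via an untrusted CSV upload, and validate an identifier-style parameter.
declare(strict_types=1);

// Encode once, at output time, for HTML text and attribute contexts.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Assumed helper: build one <td> for a company name from an untrusted source.
function render_company_cell(string $company): string
{
    return '<td title="' . h($company) . '">' . h($company) . '</td>';
}

// Assumed helper: identifier-style parameters (menu ids, category names) are
// best handled with an allowlist before they are ever echoed or looked up.
function validate_identifier(string $value): ?string
{
    return preg_match('/\A[A-Za-z0-9_]{1,64}\z/', $value) === 1 ? $value : null;
}

// Constructed CSV sample: a quoted field that contains markup and quotes.
$csv_text = "name,company\nAlice,\"Acme <b>Corp</b> \"\"Ltd\"\"\"\n";

$rows   = array_map('str_getcsv', explode("\n", trim($csv_text)));
$header = array_shift($rows);          // ['name', 'company']
$company = $rows[0][1];                // raw, untrusted field

// Vulnerable pattern: raw interpolation reproduces the markup in the page.
$unsafe = '<td>' . $company . '</td>';

// Hardened pattern: the same field, encoded for the HTML context.
$safe = render_company_cell($company);

echo "unsafe: ", $unsafe, "\n";
echo "safe:   ", $safe, "\n";

// Identifier parameter: accept only what the allowlist permits.
var_dump(validate_identifier('MainMenu_01'));         // string
var_dump(validate_identifier('Main Menu <script>'));  // null
```

The point of the `h()` wrapper is that encoding is applied at the output boundary with the quote flags set, so the same value is safe both as element text and inside a double-quoted attribute; input-side filtering alone (the "disable the parameter" workaround above) does not protect values that reach the page through another path such as a CSV import.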

Exploit · Fix · XSS


Weakness Enumeration

Related Identifiers: CVE-2011-4275

Affected Products: Itop