When displaying HTML attachments XSS are possible for scripts outside of script tags
Fixed in 2.7.6, 3.0.0
Combodo ref N°4129
@ranjit-git / Huntr
Cross-site Scripting (XSS) - Stored vulnerability found in itop
If you have any questions or comments about this advisory: Email us at itop-security@combodo.com
Impact
When displaying HTML attachments XSS are possible for scripts outside of script tags
Patches
Fixed in 2.7.6, 3.0.0
References
Combodo ref N°4129
Credits
@ranjit-git / Huntr
For more information
Cross-site Scripting (XSS) - Stored vulnerability found in itop
If you have any questions or comments about this advisory:
Email us at itop-security@combodo.com