CVE-2024-56157 Information

Description

iTop is a web-based IT Service Management tool. Prior to versions 3.1.3 and 3.2.1, malicious code placed in CSV content can trigger a cross-site scripting attack when that content is imported. The issue is fixed in versions 3.1.3 and 3.2.1. As a workaround, check CSV content before importing it.
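One way to apply the workaround on unpatched versions is to scan a CSV file for cells that look like markup before handing it to the import. This is an added example, not code from iTop or the advisory; the function name `scan_csv`, the three heuristic patterns and the sample data are assumptions, since the description does not say which fields or payloads are affected.

```python
import csv
import io
import re

# Heuristic rules (assumptions, not taken from the advisory). Expect some
# false positives; a flagged cell is a prompt for manual review, not proof.
SUSPICIOUS = [
    # "<" directly followed by a letter is how an HTML parser opens a tag.
    ("html-tag", re.compile(r"<[/!]?[a-zA-Z]")),
    ("script-url", re.compile(r"(?i)\b(?:javascript|vbscript)\s*:")),
    ("event-handler", re.compile(r"(?i)\bon[a-z]+\s*=")),
]


def scan_csv(text, delimiter=","):
    """Return (row, column, rule, value) for every cell matching a rule."""
    findings = []
    # Use a real CSV parser so quoted cells with commas or doubled quotes
    # are checked as the single value the importer would see.
    reader = csv.reader(io.StringIO(text, newline=""), delimiter=delimiter)
    for row_no, row in enumerate(reader, start=1):
        for col_no, cell in enumerate(row, start=1):
            for rule, pattern in SUSPICIOUS:
                if pattern.search(cell):
                    findings.append((row_no, col_no, rule, cell))
                    break  # one finding per cell is enough to block it
    return findings


# Constructed sample input, not a real export.
SAMPLE = (
    "Name,Description,Organization\n"
    'srv-web-01,"Front end, rack 4",Demo\n'
    "srv-db-01,<script>alert(1)</script>,Demo\n"
    'srv-app-01,"see <a href=""javascript:void(0)"">link</a>",Demo\n'
    "srv-log-01,disk usage 5 < 10 GB,Demo\n"
)

if __name__ == "__main__":
    hits = scan_csv(SAMPLE)
    for row_no, col_no, rule, value in hits:
        print(f"row {row_no}, column {col_no}: {rule}: {value!r}")
    raise SystemExit(1 if hits else 0)  # non-zero exit: do not import
```

A check like this reduces exposure but does not replace upgrading to 3.1.3 or 3.2.1.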

Reference

https://github.com/Combodo/iTop/security/advisories/GHSA-6p48-74j9-977j
