
CVE-2022-24811: Cross-site Scripting (XSS) - Stored in itop

Combodo iTop is a web based IT Service Management tool. Prior to versions 2.7.6 and 3.0.0, cross-site scripting is possible for scripts outside of script tags when displaying HTML attachments. This issue is fixed in versions 2.7.6 and 3.0.0. There are currently no known workarounds.


Valid

Reported on

Jun 30th 2021

💥 BUG

stored xss via file upload

💥 STEP TO REPRODUCE

Here in this case I uploaded an HTML file with an XSS payload inside.
Please check this 1-minute video to reproduce: https://drive.google.com/file/d/1xKqYFgrsFUfp9Ufe4XiATQcAL-Q6Mr9G/view?usp=sharing

💥 Impact

I see there are many different types of role-based users. So, a user who has permission to upload documents can make an XSS attack against a higher-level user or admin.
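As an added illustration (not iTop's code and not part of this report), the following shows why removing `<script>` elements alone does not neutralise an uploaded HTML attachment, alongside an allow-list sanitizer and the response headers that keep such a file from rendering inside the application origin. The sample attachment and every function name here are constructed for this example.

```python
import html
import re
from html.parser import HTMLParser

# Constructed sample: no <script> tag, yet each element runs JavaScript if rendered inline.
SAMPLE_ATTACHMENT = ('<h1>Invoice</h1><img src="x" onerror="alert(document.cookie)">'
                     '<a href=" JavaScript:alert(1)">open</a><p onmouseover="alert(2)">hover</p>')

def strip_script_tags_only(doc: str) -> str:
    """The insufficient approach: it removes only <script> elements."""
    return re.sub(r"<script\b.*?</script>", "", doc, flags=re.I | re.S)

class _AllowListSanitizer(HTMLParser):
    """Rebuilds the document from a tag allow-list, dropping every on* attribute
    and any href/src whose (control-char-stripped) scheme can execute script."""
    ALLOWED = {"h1", "p", "a", "img", "b", "i", "ul", "li", "br"}
    URL_ATTRS = {"href", "src"}
    SCRIPT_SCHEMES = ("javascript:", "vbscript:", "data:")
    def __init__(self):
        super().__init__()
        self.out, self.skip = [], 0   # skip > 0 while inside <script>/<style>
    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self.skip += 1
        if tag not in self.ALLOWED or self.skip:
            return
        kept = []
        for name, value in attrs:
            scheme = re.sub(r"[\x00-\x20]", "", value or "").lower()
            if name.startswith("on") or (name in self.URL_ATTRS and scheme.startswith(self.SCRIPT_SCHEMES)):
                continue
            kept.append(f' {name}="{html.escape(value or "", quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in ("script", "style"):
            self.skip = max(0, self.skip - 1)
        elif tag in self.ALLOWED:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(html.escape(data))

def sanitize_attachment(doc: str) -> str:
    p = _AllowListSanitizer(); p.feed(doc); p.close(); return "".join(p.out)

def attachment_headers(filename: str) -> dict:
    """Serve uploads as sandboxed downloads, never as inline documents in the app origin."""
    return {"Content-Disposition": f'attachment; filename="{filename}"',
            "X-Content-Type-Options": "nosniff", "Content-Security-Policy": "sandbox; default-src 'none'"}
```

The header-based approach is the one that removes the whole class of issue, since a sanitizer only covers the constructs it knows about.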

Z-Old

commented 9 months ago

Admin

Hey ranjit-git, I’ve just emailed the maintainer and am waiting to hear back. Good job!

We have contacted a member of the combodo/itop team and are waiting to hear back 9 months ago

A combodo/itop maintainer validated this vulnerability 5 months ago

The fix bounty is now up for grabs

commented 3 months ago

Maintainer

The fix will be part of 2.7.6 that has just been released. A GitHub advisory was created: https://github.com/Combodo/iTop/security/advisories/GHSA-67x5-mqg4-rvgc

We will publish this page and the advisory in 3 months.

The fix bounty has been dropped

Hi, Combodo usually sends goodies to its contributors, as a way to thank them. @ranjit-git can you send your postal address to pierre.goiffon @ combodo.com (remove spaces around the @)?

@maintainer Thanks for such care. Happy to secure the iTop project. I will send my postal address to the above mail id.

