Fedora Account System
Red Hat Associate
Red Hat Customer
In iTop through 2.6.0, an XSS payload can be delivered in certain fields (such as icon) of the XML file used to build the dashboard. This is similar to CVE-2015-6544 (which is only about the dashboard title). Reference: https://0day.love/itop_vulnerabilities_disclosure.pdf https://www.itophub.io/wiki/page?id=latest%3Arelease%3Achange_log
Created itop tracking bugs for this issue: Affects: fedora-all [bug 1824083]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.