cbcvebase.
CVE-2011-4275
published 2011-11-26

CVE-2011-4275: Multiple cross-site scripting (XSS) vulnerabilities in iTop (aka IT Operations Portal) 1.1.181 and 1.2.0-RC-282 allow remote attackers to inject arbitrary web…

PriorityP272medium4.3CVSS 2.0
AVNACMAuNCNIPAN
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
1.62%
73.1th percentile
Multiple cross-site scripting (XSS) vulnerabilities in iTop (aka IT Operations Portal) 1.1.181 and 1.2.0-RC-282 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted company name, (2) a crafted database server name, (3) a crafted CSV file, (4) a crafted copy-and-paste action, (5) the auth_user parameter in a suggest_pwd action to UI.php, (6) the c[menu] parameter to UniversalSearch.php, (7) the description parameter in a SearchFormToAdd_document_list action to UI.php, (8) the category parameter in an errors action to audit.php, or (9) the suggest_pwd parameter to UI.php.

Affected

2 ranges
VendorProductVersion rangeFixed in
combodoitop
combodoitop

Detection & IOCsextracted from sources · hover to see the quote

  • XSS via auth_user parameter in a suggest_pwd action to UI.php
  • XSS via c[menu] parameter to UniversalSearch.php
  • XSS via description parameter in a SearchFormToAdd_document_list action to UI.php
  • XSS via category parameter in an errors action to audit.php
  • XSS via suggest_pwd parameter to UI.php
  • ·Affected versions are iTop 1.1.181 and 1.2.0-RC-282 only; no operational exploit code or IOCs were present in the source documents for CVE-2011-4275. All other exploit documents (DOC 2–7) relate to unrelated CVEs and software.

CVSS provenance

nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vulncheck4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.