CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components.
References
Link | Resource |
---|---|
https://bugplorer.github.io/cve-csv-itop/ | Broken Link |
https://nitipoom-jar.github.io/CVE-2023-47489/ |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-11-09T00:00:00
Updated: 2024-01-11T22:40:43.302019
Reserved: 2023-11-06T00:00:00
Link: CVE-2023-47489
JSON object: View
NVD Information
Status : Modified
Published: 2023-11-09T06:15:24.347
Modified: 2024-01-11T23:15:08.317
Link: CVE-2023-47489
JSON object: View
Redhat Information
No data.
CWE