CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local malicious user to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
combodo itop 3.1.0-2-11973 |