CVE-2019-13966 - Combodo Itop
Moderate 6.1
In iTop through 2.6.0, an XSS payload can be delivered in certain fields (such as icon) of the XML file used to build the dashboard. This is similar to CVE-2015-6544 (which is only about the dashboard title).
Affected software
Combodo Itop