iTop is flawed

iTop users should install version 1.2.0-299 of the software. There are many flaws in version 1.1.0-181 and vulnerabilities may be present in prior versions.
Input passed to the "auth_user", "suggest_pwd", "description", "category" and "name" parameters is not properly sanitized before being returned to a user. An attacker may exploit these flaws to execute arbitrary HTML, PHP and script code.


Source: Secunia
28.11.2011