Vulnerabilities > Combodo > Itop

DATE CVE VULNERABILITY TITLE RISK
2023-11-09 CVE-2023-47488 Cross-site Scripting vulnerability in Combodo Itop 3.1.0211973
Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain sensitive information via a crafted script to the attrib_manager_id parameter in the General Information page and the id parameter in the contact page.
network
low complexity
combodo CWE-79
6.1
2023-11-09 CVE-2023-47489 Unspecified vulnerability in Combodo Itop 3.1.0211973
CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components.
local
low complexity
combodo
7.8
2023-10-25 CVE-2023-34446 Cross-site Scripting vulnerability in Combodo Itop 3.0.3
iTop is an open source, web-based IT service management platform.
network
low complexity
combodo CWE-79
6.1
2023-10-25 CVE-2023-34447 Cross-site Scripting vulnerability in Combodo Itop
iTop is an open source, web-based IT service management platform.
network
low complexity
combodo CWE-79
6.1
2023-03-14 CVE-2022-39214 Incorrect Authorization vulnerability in Combodo Itop
Combodo iTop is an open source, web-based IT service management platform.
network
high complexity
combodo CWE-863
7.5
2023-03-14 CVE-2022-39216 Use of Insufficiently Random Values vulnerability in Combodo Itop
Combodo iTop is an open source, web-based IT service management platform.
network
low complexity
combodo CWE-330
critical
9.8
2022-06-14 CVE-2022-31403 Cross-site Scripting vulnerability in Combodo Itop 3.0.1
ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php.
network
combodo CWE-79
4.3
2022-06-10 CVE-2022-31402 Cross-site Scripting vulnerability in Combodo Itop 3.0.1
ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php.
network
combodo CWE-79
4.3
2022-04-21 CVE-2021-41161 Cross-site Scripting vulnerability in Combodo Itop
Combodo iTop is a web based IT Service Management tool.
network
combodo CWE-79
4.3
2022-04-21 CVE-2021-41162 Cross-site Scripting vulnerability in Combodo Itop
Combodo iTop is a web based IT Service Management tool.
network
combodo CWE-79
4.3