Vulnerabilities > Combodo > Itop > 2.4.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-13 | CVE-2020-15220 | Unspecified vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 6.1 |
| 2021-01-13 | CVE-2020-15219 | Unspecified vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 4.3 |
| 2021-01-13 | CVE-2020-15218 | Unspecified vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 6.8 |
| 2021-01-12 | CVE-2020-4079 | Unspecified vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 7.7 |
| 2020-08-10 | CVE-2020-12781 | Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery. | 8.8 |
| 2020-08-10 | CVE-2020-12780 | Incorrect Authorization vulnerability in Combodo Itop A security misconfiguration exists in Combodo iTop, which can expose sensitive information. | 7.5 |
| 2020-08-10 | CVE-2020-12778 | Cross-site Scripting vulnerability in Combodo Itop Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack. | 6.1 |
| 2020-08-10 | CVE-2020-12777 | Information Exposure vulnerability in Combodo Itop A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information. | 7.5 |
| 2020-03-16 | CVE-2019-19821 | Cross-site Scripting vulnerability in Combodo Itop A post-authentication privilege escalation in the web application of Combodo iTop allows regular authenticated users to access information and modify information with administrative privileges by not following the HTTP Location header in server responses. | 8.1 |
| 2020-02-14 | CVE-2019-13966 | Cross-site Scripting vulnerability in Combodo Itop In iTop through 2.6.0, an XSS payload can be delivered in certain fields (such as icon) of the XML file used to build the dashboard. | 6.1 |