Vulnerabilities > Combodo > Itop > 3.1.0.2.11973

DATE CVE VULNERABILITY TITLE RISK
2023-11-09 CVE-2023-47488 Cross-site Scripting vulnerability in Combodo Itop 3.1.0211973
Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain sensitive information via a crafted script to the attrib_manager_id parameter in the General Information page and the id parameter in the contact page.
network
low complexity
combodo CWE-79
6.1
6.1
2023-11-09 CVE-2023-47489 Unspecified vulnerability in Combodo Itop 3.1.0211973
CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components.
local
low complexity
combodo
7.8
7.8