Vulnerabilities > Combodo > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-09 | CVE-2023-47488 | Cross-site Scripting vulnerability in Combodo Itop 3.1.0211973 Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain sensitive information via a crafted script to the attrib_manager_id parameter in the General Information page and the id parameter in the contact page. | 6.1 |
| 2023-10-25 | CVE-2023-34446 | Cross-site Scripting vulnerability in Combodo Itop 3.0.3 iTop is an open source, web-based IT service management platform. | 6.1 |
| 2023-10-25 | CVE-2023-34447 | Cross-site Scripting vulnerability in Combodo Itop iTop is an open source, web-based IT service management platform. | 6.1 |
| 2022-06-14 | CVE-2022-31403 | Cross-site Scripting vulnerability in Combodo Itop 3.0.1 ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php. | 4.3 |
| 2022-06-10 | CVE-2022-31402 | Cross-site Scripting vulnerability in Combodo Itop 3.0.1 ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php. | 4.3 |
| 2022-04-21 | CVE-2021-41161 | Cross-site Scripting vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 4.3 |
| 2022-04-21 | CVE-2021-41162 | Cross-site Scripting vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 4.3 |
| 2022-04-05 | CVE-2021-41245 | Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 5.8 |
| 2021-10-19 | CVE-2021-32663 | Server-Side Request Forgery (SSRF) vulnerability in Combodo Itop 2.7.0 iTop is an open source web based IT Service Management tool. | 5.0 |
| 2021-07-21 | CVE-2021-32775 | Information Exposure Through an Error Message vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 4.0 |