Unrated severityNVD Advisory· Published Oct 19, 2021· Updated Aug 3, 2024

Reflected XSS in Combodo/iTop

CVE-2021-32664

Description

Combodo iTop is an open source web based IT Service Management tool. In affected versions there is a XSS vulnerability on "run query" page when logged as administrator. This has been resolved in versions 2.6.5 and 2.7.5.

Affected products

Combodo/Itopv5
Range: < 2.6.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Combodo/iTop/commit/4f5c987d8b1bd12814dc606ea69b6cfb88490704mitrex_refsource_MISC
github.com/Combodo/iTop/commit/84741c19f0af6fa8e7082a8807eb089182e7b88amitrex_refsource_MISC
github.com/Combodo/iTop/commit/86f649affc12b5078efc86d9439d67d98f4cb2f6mitrex_refsource_MISC
github.com/Combodo/iTop/security/advisories/GHSA-j758-ggwg-9mpjmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000