Unrated severityNVD Advisory· Published May 14, 2025· Updated Jan 20, 2026
iTop server vulnerable to portal code injection
CVE-2025-24022
Description
iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/Combodo/iTop/commit/082d865efaf8a349b60fe3875e9c726c24f8a8bdmitrex_refsource_MISC
- github.com/Combodo/iTop/commit/37fc1a572380f2faa67fddea5b1a3a4ba72ed54emitrex_refsource_MISC
- github.com/Combodo/iTop/commit/5780f26817c2303c5bdd0ad16e21d4d959780b0bmitrex_refsource_MISC
- github.com/Combodo/iTop/security/advisories/GHSA-rhv2-wfrr-4j2jmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.