| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-34447 | iTop XSS vulnerability on pages/UI.php | Combodo | iTop | High | 8.8 | 2023-10-25 15:35:25 | Deep Dive |
| CVE-2023-34446 | iTop XSS vulnerability on pages/preferences.php | Combodo | iTop | High | 8.8 | 2023-10-25 15:35:21 | Deep Dive |
| CVE-2022-39216 | Combodo iTop's weak password reset token leads to account takeover | Combodo | iTop | High | 7.4 | 2023-03-14 15:10:52 | Deep Dive |
| CVE-2022-39214 | Authenticated users of Combodo iTop can take over any account | Combodo | iTop | Critical | 9.6 | 2023-03-14 15:10:48 | Deep Dive |
| CVE-2021-41162 | Cross-site Scripting in Combodo iTop | Combodo | iTop | Critical | 9.3 | 2022-04-21 16:45:13 | Deep Dive |
| CVE-2022-24870 | Stored Cross-site Scripting in Combodo iTop | Combodo | iTop | High | 8.7 | 2022-04-21 16:40:12 | Deep Dive |
| CVE-2021-41161 | XSS in csvimport in 3.0.0-beta versions | Combodo | iTop | Critical | 9.3 | 2022-04-21 16:35:10 | Deep Dive |
| CVE-2022-24811 | Cross-site Scripting in Combodo iTop | Combodo | iTop | Medium | 5.4 | 2022-04-05 18:35:11 | Deep Dive |
| CVE-2022-24780 | Code Injection in Combodo iTop | Combodo | iTop | High | 8.8 | 2022-04-05 18:30:18 | Deep Dive |
| CVE-2021-41245 | Possible Cross-Site Request Forgery in Combodo iTop | Combodo | iTop | Medium | 6.5 | 2022-04-05 15:05:11 | Deep Dive |
| CVE-2021-32664 | Reflected XSS in Combodo/iTop | Combodo | iTop | High | 8.1 | 2021-10-19 17:45:12 | Deep Dive |
| CVE-2021-32663 | Unauthorized setup leads to SSRF in Combodo/iTop | Combodo | iTop | High | 8.7 | 2021-10-19 17:40:11 | Deep Dive |
| CVE-2021-32776 | No CSRF form token cleanup on Windows servers | Combodo | iTop | Medium | 6.8 | 2021-07-21 20:25:09 | Deep Dive |
| CVE-2021-32775 | Any user can see any fields (including mailbox password) with GroupBy Dashlet | Combodo | iTop | High | 7.7 | 2021-07-21 20:20:09 | Deep Dive |
| CVE-2021-21407 | Portal : the CSRF token isn't validated | Combodo | iTop | High | 8.0 | 2021-07-21 15:15:11 | Deep Dive |
| CVE-2021-21406 | Command Injection vulnerability in the Setup Wizard | Combodo | iTop | Medium | 5.8 | 2021-07-21 15:05:10 | Deep Dive |
| CVE-2020-15221 | XSS in the breadcrumbs | Combodo | iTop | Medium | 6.8 | 2021-01-13 17:10:15 | Deep Dive |
| CVE-2020-15220 | Session fixation | Combodo | iTop | Medium | 6.1 | 2021-01-13 17:05:17 | Deep Dive |
| CVE-2020-15219 | SQL query displayed on portal error | Combodo | iTop | Medium | 4.3 | 2021-01-13 16:55:17 | Deep Dive |
| CVE-2020-15218 | Admin pages are cached and can be embedded | Combodo | iTop | Medium | 6.8 | 2021-01-13 16:50:12 | Deep Dive |