漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cross-Site Request Forgery (CSRF) in several iTop pages
Vulnerability Description
Combodo iTop is a simple, web based IT Service Management tool. Several url endpoints are subject to a Cross-Site Request Forgery (CSRF) vulnerability. Please refer to the linked GHSA for the complete list. This issue has been addressed in version 3.2.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Combodo iTop 跨站请求伪造漏洞
Vulnerability Description
Combodo iTop是法国Combodo公司的一套基于ITIL开发且用于IT环境日常运营的开源Web应用程序。该程序提供事件管理、配置管理和问题管理等功能。 Combodo iTop 3.2.0版本之前存在跨站请求伪造漏洞,该漏洞源于多个 URL 端点容易受到跨站请求伪造 (CSRF) 漏洞的影响。
CVSS Information
N/A
Vulnerability Type
N/A