Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-34443

Combodo iTop is a simple, web based IT Service Management tool. When displaying page Run queries Cross-site Scripting (XSS) are possible for scripts outside of script tags. This has been fixed in versions 2.7.9, 3.0.4, 3.1.0. All users are advised to upgrade. There are no known workarounds for this vulnerability.

Published

2024-11-05T00:15:03.103

Last Modified

2024-11-06T14:25:00.830

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-79
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application combodo itop < 2.7.9 Yes
Application combodo itop < 3.0.4 Yes
References