Combodo iTop is a web-based IT Service Management tool. In iTop before versions 2.7.2 and 3.0.0, when a download error is triggered in the user portal, an SQL query is displayed to the user. This is fixed in versions 2.7.2 and 3.0.0.
Related Posts
CVE-2020-12778 (itop): Combodo iTop does not validate input parameters; attackers can inject malicious commands and launch an XSS attack.
CVE-2020-12777 (itop): A function in Combodo iTop contains a Broken Access Control vulnerability, which allows an unauthorized attacker to inject commands and disclose system information.
CVE-2020-15218 (itop): Combodo iTop is a web-based IT Service Management tool. In iTop before versions 2.7.2 and 3.0.0, admin pages are cached, so that their content is visible after disconnection by…