Security Advisory

CVE-2021-41245

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-05 15:05:11

Last updated 2025-04-22 18:17:28

Assigner GitHub_M

State PUBLISHED

Description

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, CSRF tokens generated by `privUITransactionFile` arent properly checked. Versions 2.7.6 and 3.0.0 contain a patch for this issue. As a workaround, use the session implementation by adding in the iTop config file.

← Browse all CVEs View on cve.org ↗