Security Advisory

CVE-2022-24870

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-21 16:40:12

Last updated 2025-04-22 18:14:28

Assigner GitHub_M

State PUBLISHED

Description

Combodo iTop is a web based IT Service Management tool. In 3.0.0 beta releases prior to 3.0.0 beta3 a malicious script can be injected in tooltips using iTop customization mechanism. This provides a stored cross site scripting attack vector to authorized users of the system. Users are advised to upgrade. There are no known workarounds for this issue.

← Browse all CVEs View on cve.org ↗