IDCVSSSummaryLast (major) updatePublished
CVE-2020-12779 3.5
Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.
28-10-2020 - 17:24 10-08-2020 - 03:15
CVE-2020-11697 4.3
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
11-06-2020 - 01:27 05-06-2020 - 21:15
CVE-2020-11696 4.3
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages (community, essential, professional) in version 2.7.0 and iTop essential and iTop professional in version 2.6.4.
11-06-2020 - 01:33 05-06-2020 - 22:15
Back to Top Mark selected
Back to Top