CVE List


Moderate 6.5

Combodo iTop is an open source, web based IT Service Management tool. Prior to version 2.7.4, the CSRF token validation can be bypassed through iTop portal via a tricky browser procedure. The vulnerability is patched in version 2.7.4 and 3.0.0.

Published July 21, 2021.

Affected software

Reference links

Sign Up for Alerts