Reflected XSS in Combodo/iTop
CVE-2021-32664
8.1HIGH
What is CVE-2021-32664?
Combodo iTop is an open source web based IT Service Management tool. In affected versions there is a XSS vulnerability on "run query" page when logged as administrator. This has been resolved in versions 2.6.5 and 2.7.5.
Affected Version(s)
iTop < 2.6.5 < 2.6.5
iTop >= 2.7.0, < 2.7.5 < 2.7.0, 2.7.5