ГлавнаяУязвимости → CVE-2025-24022
8.5высокая

CVE-2025-24022

Описание

iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1.

Затрагиваемое ПО
Combodo Itop
CVSS
Балл8.5 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Источники
https://github.com/Combodo/iTop/commit/082d865efaf8a349b60fe3875e9c726c24f8a8bdhttps://github.com/Combodo/iTop/commit/37fc1a572380f2faa67fddea5b1a3a4ba72ed54ehttps://github.com/Combodo/iTop/commit/5780f26817c2303c5bdd0ad16e21d4d959780b0bhttps://github.com/Combodo/iTop/security/advisories/GHSA-rhv2-wfrr-4j2j