ГлавнаяУязвимости → CVE-2025-49145
8.7высокая

CVE-2025-49145

Описание

Combodo iTop is a web based IT service management tool. In versions prior to 2.7.13 and 3.2.2, a user that has enough rights to create webhooks (mostly administrators) can drop the database. This is fixed in iTop 2.7.13 and 3.2.2 by verifying callback signature.

Затрагиваемое ПО
Combodo Itop
CVSS
Балл8.7 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
Источники
https://github.com/Combodo/iTop/security/advisories/GHSA-55q8-mfxr-pq4j