Itop
This hub aggregates every CVE we track for Itop, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
81
CVEs tracked
4
Critical
39
High
0
In CISA KEV
Severity distribution
HIGH39MEDIUM37CRITICAL4LOW1
Monthly trend
0
0
0
0
14
1
0
1
0
0
7
0
0
0
0
0
8
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Itop.
- CVE-2025-64167Combodo iTop vulnerable to reflected XSS in webservices/export.php7.1
- CVE-2025-49145iTop admin can drop iTop database using webhooks8.7
- CVE-2025-48878Combodo iTop vulnerable to IDOR with ModuleInstallation object4.3
- CVE-2025-48065Combodo iTop vulnerable to reflected XSS via objection edition form error8.8
- CVE-2025-48055Combodo iTop has stored XSS in user portal's browse brick8.5
- CVE-2025-47932Combodo iTop vulnerable to reflected XSS in ajax.render.php render_dashboard8.8
- CVE-2025-47773Combodo iTop has XSS vulnerability in /pages/ajax.render.php8.8
- CVE-2025-47286Combodo iTop vulnerable to Remote Code Execution in the backup creation functionality7.2
- CVE-2025-24969iTop portal user can see any other contact's picture5.0
- CVE-2025-24785iTop dashboard vulnerable to denial of service4.3
- CVE-2025-24026iTop Inefficient Regular Expression Complexity vulnerability5.3
- CVE-2025-24022iTop server vulnerable to portal code injection8.5
- CVE-2025-24021iTop doesn't have mass assignment of fields in the portal form5.0
- CVE-2024-56157iTop vulnerable to Self XSS in CSV Import6.3
- CVE-2024-52601iTop portal Insecure Direct Object Reference vulnerability6.5
Product normalization is registry-driven with AI assist and human review. How it works