Volerion logoVolerion
Volerion logoVolerion

Combodo iTop Cross-Site Scripting Vulnerability in User Portal Browse Brick

Vulnerability

A stored cross-site scripting vulnerability has been identified in Combodo iTop versions prior to 3.2.2. This issue occurs when content is displayed in a browse brick within the user portal, allowing for the injection of malicious scripts.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user.

Remediation

Users can upgrade to iTop versions 3.2.2 or 3.3.0 to address this vulnerability.

Added: Nov 10, 2025, 9:19 PM
Updated: Nov 10, 2025, 9:19 PM

Vulnerability Rating

Custom Algorithm
spread
1.4
impact
1.7
exploitability
4.9
remediation
7.7
relevance
1.0
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.