Published on: 07/21/2021 12:00:00 AM UTC
Last Modified on: 07/21/2021 05:39:00 PM UTC
Combodo iTop is an open source, web-based IT Service Management tool. Prior to version 2.7.4, CSRF token validation can be bypassed through the iTop portal via a tricky browser procedure. The vulnerability is patched in versions 2.7.4 and 3.0.0.
- CVE-2021-21407 has been assigned by [email protected] to track the vulnerability
- Affected Vendor/Software: Combodo - iTop version < 2.7.4

| Reference | Source |
|---|---|
| Portal: the CSRF token isn't validated · Advisory · Combodo/iTop · GitHub | github.com |

| Account | Tweet | Date |
|---|---|---|
| @CVEreport | CVE-2021-21407 : Combodo iTop is an open source, web based IT Service Management tool. Prior to version 2.7.4, the… twitter.com/i/web/status/1… | 2021-07-21 15:26:56 |
| @LinInfoSec | Itop - CVE-2021-21407: github.com/Combodo/iTop/s… | 2021-07-21 19:15:10 |