CVE-2021-41245 : What You Need to Know

Learn about CVE-2021-41245, a Cross-Site Request Forgery vulnerability in Combodo iTop versions prior to 2.7.6 and 3.0.0. Understand the impact, technical details, and mitigation steps in this article.

Combodo iTop is a web-based IT Service Management tool. Versions prior to 2.7.6 and 3.0.0 are vulnerable to Cross-Site Request Forgery (CSRF) attacks because they lack proper checks for the CSRF tokens generated by 'privUITransactionFile'. This CVE has a CVSS v3.1 base score of 6.5 (Medium severity).
