2 matches found
CVE-2021-32776
Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.4, CSRF tokens can be reused by a malicious user, as on Windows servers no cleanup is done on CSRF tokens. This issue is fixed in versions 2.7.4 and 3.0.0...
CVE-2021-32776
Combodo iTop has a CSRF token reuse vulnerability in versions before 2.7.4 (and before 3.0.0 in some advisories) due to no cleanup of CSRF tokens on Windows servers. The issue enables CSRF token reuse by a malicious user. It is fixed in iTop 2.7.4 and 3.0.0. Red Hat CPE advisory confirms the CVE-...