2 matches found
CVE-2025-64167
creationtimestamp| type| source ---|---|--- 2025-11-10 23:46:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5csloumrv2n...
CVE-2025-64167 Combodo iTop vulnerable to reflected XSS in webservices/export.php
Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to a cross-site scripting attack leading to JS execution when editing the URL parameter. Versions 2.7.13 and 3.2.2 don't use export.php, which was deprecated. They use export-v2.php instead...