CVE-2025-48055 Combodo iTop has stored XSS in user portal's browse brick

Combodo iTop is a web based IT service management tool. In versions prior to 3.2.2, when displaying content in a browse brick in the user portal, a cross-site scripting attack can occur. This is fixed in versions 3.2.2 and 3.3.0...

CVE-2025-48055

The CVE-2025-48055 entry concerns Combodo iTop, a web-based IT service management tool. Concrete details across connected sources show a stored XSS vulnerability in the user portal’s browse brick, affecting versions prior to 3.2.2. The root cause is improper handling/display of content in the bro...

WordPress Save as Image plugin by Pdfcrowd Plugin <= 3.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Save as Image plugin by Pdfcrowd Type Plugin Vulnerable versions = 3.2.1 Fixed in 3.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31931 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID fdf7ae81db36 Credits younsoung kim, SeoHye...

WordPress Save as PDF plugin by Pdfcrowd Plugin <= 3.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Save as PDF plugin by Pdfcrowd Type Plugin Vulnerable versions = 3.2.1 Fixed in 3.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31930 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ff06148a9e81 Credits younsoung kim, SeoHyeon...