CVE-2020-12778

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-12778
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-12778.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-12778
Related
  • GHSA-8vpf-8vjh-5fcv
Published
2020-08-10T03:15:12.637Z
Modified
2026-04-10T04:22:06.686848Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.

References

Affected packages

Git / github.com/combodo/itop

Affected ranges

Type
GIT
Repo
https://github.com/combodo/itop
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
94f9b16c03c4f9a232f677212aecde616b09b95e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fc24746862778d60fd135c076aa1d621a723f965
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
94fdc79be58b298ff5d1215c3b6103c0b1f19fed
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
aa9ab1ace5bf85fa4150fa9b0227382ee138817d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
007e1ded0db683e3459d70eb7665e166676a95f6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
8e0ae67803ee0289a161552d86f78c6c71529343
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f9fc85e763daa10cd553c983c01a3af451fa57d1
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b0904cabfddc875b24ca6e144e83b3fccbf187df
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e23c41232dc690ff1d511eb16534cf818dc3cd52
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
827a108a380398b7a45809a58321eb92f01c51ea
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9bfa60d272c2a4246198334d55d966ac8bed098e
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.7.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-alpha"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-beta"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-beta2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-beta3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-beta4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-beta5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-beta6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-beta7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-beta8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-rc"
        }
    ]
}

Affected versions

2.*
2.6.1
2.6.2
2.6.3
2.7.0-alpha1
2.7.0-beta
2.7.0-beta2
Other
3
N1963
N2011
N2016
N941
N941-2
3.*
3.0.0-alpha
3.0.0-beta
3.0.0-beta2
3.0.0-beta3
3.0.0-beta4
3.0.0-beta5
3.0.0-beta6
3.0.0-beta7
3.0.0-beta8
3.0.0-rc

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-12778.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "3.0.0-beta1"
            }
        ]
    }
]