CVE-2022-31402

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-31402

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-31402.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-31402

Published

2022-06-10T17:15:08.243Z

Modified

2026-03-14T11:46:51.224377Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php.

References

Affected packages

Git / github.com/combodo/itop

Affected ranges

Type

GIT

Repo

https://github.com/combodo/itop

Events

Introduced

Last affected

bac2918ceb3c7b3f2583eda1a9caf66841afa1cb

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.1"
        }
    ]
}

Affected versions

1.*

1.0.8

2.*

2.5.1

2.5.2

2.5.3

2.5.4

2.6.0

2.6.0-a

2.6.0-products

2.6.1

2.6.2

2.6.2-1

2.6.2-2

2.6.3

2.6.4

2.7.0

2.7.0-1

2.7.0-2

2.7.0-alpha1

2.7.0-beta

2.7.0-beta2

2.7.0-rc

2.7.0-rc2

2.7.1

2.7.2

2.7.2-1

2.7.3

2.7.3-1

2.7.3-2

2.7.4

2.7.5

2.7.5-1

2.7.5-2

2.7.6

Other

N1963

N2011

N2016

N941

N941-2

itop-carbon

3.*

3.0.0

3.0.0-alpha

3.0.0-beta

3.0.0-beta2

3.0.0-beta3

3.0.0-beta4

3.0.0-beta5

3.0.0-beta6

3.0.0-beta7

3.0.0-beta8

3.0.0-rc

3.0.1

3.0.1-designer-feature-lot1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-31402.json"