Proactive Insights and Support For Open-Source Applications
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
Get Started
Book a demo
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
  • Home
  • Knowledge Base
  • Newsflash
  • Project and Agile Management
  • IT Business Management

IT Business Management

All OSSpediaArticlesHow ToNewsflashCase Studies
Don't Miss out!
Join our newsletter for exclusive updates on open source innovations.

    Selected category
    • Communication
      • Communication
    • Communication and Collaboration
      • Communication
    • Specialized Software
      • Educational
      • Graphic Design
    • Business and Enterprise Solutions
      • Productivity
      • Supply Chain Management (SCM)
      • CRM
      • E-commerce
      • CMS
      • Marketing Automation
      • ERP
    • Project and Agile Management
      • Project Management
      • IT Business Management
    • Infrastructure and Network
      • Networking
      • Storage
      • Security
    • DevOps
      • Mobile App Development
      • Backup and Recovery
      • Data Analytics
      • Web Development
      • Developer Stacks
      • Cloud Computing
      • Monitoring
      • Application Development
      • Developer Tools
    • Data Management and Analytics
      • Communication
      • Application Development
      • Analytics
      • Machine Learning
      • Database
      • Data Analytics
    28 Feb 2025 Project and Agile Management
    iTop: Cross-Site Scripting Vulnerability

    In Combodo iTop versions prior to 2.7.12, 3.1.2 and 3.2.0 a medium severity vulnerability CVE-2025-27139 was detected. This vulnerability allows attackers to execute cross-site scripting (XSS) attacks when the preferences page is opened. To address this issue, users should upgrade iTop to versions 2.7.12, 3.1.2, 3.2.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-27139.

    Read more
    IT Business Management
    30 Jan 2025 Project and Agile Management
    iTop: Affected by Unresolved DLL Hijacking Bug

    In iTop version 16.0 a high severity vulnerability CVE-2024-53588 was detected. This vulnerability allows attackers to run malicious code on the system by tricking iTop VPN into loading a fake DLL file. Currently, there is no fix version for this issue. For more details, visit NVD.

    Read more
    IT Business Management
    16 Dec 2024 Project and Agile Management
    iTop: Cross-Site Scripting and Request Forgery Risk

    In iTop versions before 2.7.11, from including 3.0.0-alpha and before 3.1.2, and from including 3.2.0-alpha1 and before 3.2.0 a high severity vulnerability CVE-2024-54139 was detected. This vulnerability allows attackers to perform cross-site scripting, which can lead to cross-site request forgery via the `_table_id` parameter. To address this issue, users should upgrade iTop to versions 2.7.11, 3.1.2, or 3.2.0. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-54139.

    Read more
    IT Business Management
    26 Nov 2024 Project and Agile Management
    Ansible: OAuth2 Token Privilege Escalation

    In Ansible Automation Platform version 2 a medium severity vulnerability CVE-2024-11483 was detected. Attackers can escalate privileges by misusing read-scoped OAuth2 (Open Authorization 2.0) tokens to gain write access, affecting API endpoints using ansible_base.oauth2_provider. Currently, there is no fix version for this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-11483.

    Read more
    IT Business Management
    14 Nov 2024 Project and Agile Management
    iTop: Unauthorized Service Access Issue

    In iTop versions before 3.2.0 a medium severity vulnerability CVE-2024-52001 was detected. It allows portal users to access restricted service information. This issue has been addressed in version 3.2.0, and all users are advised to upgrade. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-52001.

    Read more
    IT Business Management
    14 Nov 2024 Project and Agile Management
    iTop: Reflected XSS Security Issue in Versions Before 3.2.0

    In iTop versions before 3.2.0 a high severity vulnerability CVE-2024-52000 was detected. It allows attackers to run malicious JavaScript by modifying request payloads. This issue is fixed in version 3.2.0 through improved error message handling. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-52000.

    Read more
    IT Business Management
    14 Nov 2024 Project and Agile Management
    Ansible: Risk of Code Execution Due to Unsafe Content Protection

    In Ansible versions 2, including Ansible-Core a medium severity vulnerability CVE-2024-11079 was found. This issue allows attackers to bypass protections and execute unsafe content using the hostvars object. If playbooks improperly handle remote data or module outputs, it could lead to arbitrary code execution. Currently, there is no fix version for this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-11079.

    Read more
    IT Business Management
    14 Nov 2024 Project and Agile Management
    iTop: Cross-Site Request Forgery Vulnerability

    In iTop versions before 3.2.0 a high severity Cross-Site Request Forgery (CSRF) vulnerability CVE-2024-52002 was detected. This vulnerability allows attackers to exploit certain URL endpoints to carry out unauthorized actions. To address this issue, users are advised to upgrade to version 3.2.0. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-52002.

    Read more
    IT Business Management
    6 Nov 2024 Project and Agile Management
    iTop: HTTP Request Forgery Vulnerability

    In iTop versions prior to 2.7.11, from 3.0.0 up to 3.0.5, and from 3.1.0 up to 3.1.2 a medium severity vulnerability CVE-2024-49367 was found. This vulnerability allows low-privileged users create HTTP requests as the server. The issue was fixed by limiting access in the user portal to only safe functions. To address this issue, upgrade to versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-49367.

    Read more
    IT Business Management
    Proactive Insights and Support For Open-Source Applications
    Contact us: Whatsapp
    Company
    • About Hossted
    • Data Processing Addendum
    Solutions
    • Applications
    • Support Plans
    • About Solution
    Resources
    • FAQ
    • Knowledge Base
    © HOSSTED 2025 All rights reserved
    • Privacy Policy
    • Terms and Conditions
    • Cookies Policy