CVE-2025-48055 – Combodo iTop has stored XSS in user portal’s browse brick

CVE ID : CVE-2025-48055

Published : Nov. 10, 2025, 9:15 p.m. | 15 minutes ago

Description : Combodo iTop is a web based IT service management tool. In versions prior to 3.2.2, when displaying content in a browse brick in the user portal, a cross-site scripting attack can occur. This is fixed in versions 3.2.2 and 3.3.0.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…