What the vulnerability does
01Description
iTop is an IT service management platform. When dashlet are refreshed, XSS attacks are possible. This vulnerability is fixed in 3.0.4 and 3.1.1.
CVE-2023-47622
HIGH
CVE-2023-47622: iTop vulnerable to XSS vulnerability in dashlet refresh
CVSS base score
8.8/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Key dates
02Disclosure timeline
April 15, 2024
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-10340 WhatCD Gazelle Commit Message change_log.php cross site scripting
CVE-2024-51813 WordPress Anant Addons for Elementor plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability
CVE-2026-48218 Open ISES Tickets < 3.44.2 Reflected XSS via icons/buttons/landb.php frm_name and frm_id Parameters
CVE-2022-4865 Cross-site Scripting (XSS) - Stored in usememos/memos
CVE-2025-11068 westboy CicadasCMS save cross site scripting
