{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T09:14:28.380","vulnerabilities":[{"cve":{"id":"CVE-2025-24785","sourceIdentifier":"security-advisories@github.com","published":"2025-05-14T15:15:56.983","lastModified":"2025-08-01T18:38:35.280","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"iTop is an web based IT Service Management tool. In version 3.2.0, an attacker may send a URL to the server to trigger a PHP error. The next user trying to load this dashboard would encounter a crashed start page. Version 3.2.1 fixes the issue by checking the provided layout_class before saving the dashboard."},{"lang":"es","value":"iTop es una herramienta web de gestión de servicios de TI. En la versión 3.2.0, un atacante podía enviar una URL al servidor para generar un error de PHP. El siguiente usuario que intentara cargar este panel se encontraría con una página de inicio bloqueada. La versión 3.2.1 corrige el problema comprobando la clase layout_class antes de guardar el panel. "}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndExcluding":"3.2.1","matchCriteriaId":"6BE41CA6-35B8-41BA-B116-B63136CA48C9"}]}]}],"references":[{"url":"https://github.com/Combodo/iTop/security/advisories/GHSA-49rq-cgv9-7hv4","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}