Itop · Itop · CVE-2025-24969
Name of the Vulnerable Software and Affected Versions:
iTop versions prior to 3.2.1
Description:
The issue allows a portal user to see any other contact's picture by changing the picture ID in the URL.
Recommendations:
For versions prior to 3.2.1, update to version 3.2.1 to resolve the issue.