Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery.
https://www.twcert.org.tw/tw/cp-132-3837-050db-1.html
https://github.com/Combodo/iTop/security/advisories/GHSA-34rq-vfmf-gg5v