CVE-2024-21838

CVSS V2 None CVSS V3 None
Description
Improper neutralization of special elements in output (CWE-74) used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre. This issue affects: Gallagher Command Centre 9.00 prior to vEL9.00.1774 (MR2), 8.90 prior to vEL8.90.1751 (MR3), 8.80 prior to vEL8.80.1526 (MR4), 8.70 prior to vEL8.70.2526 (MR6),  all version of 8.60 and prior.
Overview
  • CVE ID
  • CVE-2024-21838
  • Assigner
  • Gallagher
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-03-05T03:11:55.586Z
  • Last Modified Date
  • 2024-06-04T17:38:11.847Z
History
Created Old Value New Value Data Type Notes
2024-06-26 15:31:15 Added to TrackCVE