Vulnerability Details CVE-2024-21838
Improper neutralization of special elements in output (CWE-74) used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre.
This issue affects: Gallagher Command Centre 9.00 prior to vEL9.00.1774 (MR2), 8.90 prior to vEL8.90.1751 (MR3), 8.80 prior to vEL8.80.1526 (MR4), 8.70 prior to vEL8.70.2526 (MR6), all version of 8.60 and prior.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.5%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2024-21838
-
cpe:2.3:a:gallagher:command_centre:-
-
cpe:2.3:a:gallagher:command_centre:7.70
-
cpe:2.3:a:gallagher:command_centre:7.80
-
cpe:2.3:a:gallagher:command_centre:7.80.939
-
cpe:2.3:a:gallagher:command_centre:7.80.960
-
cpe:2.3:a:gallagher:command_centre:7.90
-
cpe:2.3:a:gallagher:command_centre:7.90.0
-
cpe:2.3:a:gallagher:command_centre:7.90.1038
-
cpe:2.3:a:gallagher:command_centre:7.90.961
-
cpe:2.3:a:gallagher:command_centre:7.90.991
-
cpe:2.3:a:gallagher:command_centre:8.0
-
cpe:2.3:a:gallagher:command_centre:8.00
-
cpe:2.3:a:gallagher:command_centre:8.00.1128
-
cpe:2.3:a:gallagher:command_centre:8.00.1161
-
cpe:2.3:a:gallagher:command_centre:8.00.1228
-
cpe:2.3:a:gallagher:command_centre:8.00.1252
-
cpe:2.3:a:gallagher:command_centre:8.10
-
cpe:2.3:a:gallagher:command_centre:8.10.1092
-
cpe:2.3:a:gallagher:command_centre:8.10.1134
-
cpe:2.3:a:gallagher:command_centre:8.10.1211
-
cpe:2.3:a:gallagher:command_centre:8.10.1253
-
cpe:2.3:a:gallagher:command_centre:8.10.1284
-
cpe:2.3:a:gallagher:command_centre:8.20
-
cpe:2.3:a:gallagher:command_centre:8.20.1093
-
cpe:2.3:a:gallagher:command_centre:8.20.1166
-
cpe:2.3:a:gallagher:command_centre:8.20.1218
-
cpe:2.3:a:gallagher:command_centre:8.20.1259
-
cpe:2.3:a:gallagher:command_centre:8.30
-
cpe:2.3:a:gallagher:command_centre:8.30.1236
-
cpe:2.3:a:gallagher:command_centre:8.30.1299
-
cpe:2.3:a:gallagher:command_centre:8.30.1359
-
cpe:2.3:a:gallagher:command_centre:8.30.1470
-
cpe:2.3:a:gallagher:command_centre:8.40.1888
-
cpe:2.3:a:gallagher:command_centre:8.40.2216
-
cpe:2.3:a:gallagher:command_centre:8.50
-
cpe:2.3:a:gallagher:command_centre:8.50.2245
-
cpe:2.3:a:gallagher:command_centre:8.50.2831
-
cpe:2.3:a:gallagher:command_centre:8.60
-
cpe:2.3:a:gallagher:command_centre:8.70
-
cpe:2.3:a:gallagher:command_centre:8.70.1787
-
cpe:2.3:a:gallagher:command_centre:8.70.2185
-
cpe:2.3:a:gallagher:command_centre:8.70.2375
-
cpe:2.3:a:gallagher:command_centre:8.80
-
cpe:2.3:a:gallagher:command_centre:8.80.1192
-
cpe:2.3:a:gallagher:command_centre:8.80.1369
-
cpe:2.3:a:gallagher:command_centre:8.90
-
cpe:2.3:a:gallagher:command_centre:8.90.1318
-
cpe:2.3:a:gallagher:command_centre:8.90.1620
-
cpe:2.3:a:gallagher:command_centre:9.00
-
cpe:2.3:a:gallagher:command_centre:9.00.1507