PT-2024-37446 · Haloitsm · Haloitsm
Published
2024-08-06
·
Updated
2024-08-29
·
CVE-2024-6201
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
HaloITSM versions up to 2.146.1
Description:
The issue is related to a Template Injection vulnerability within the engine used to generate emails, which can lead to the leakage of potentially sensitive information.
Recommendations:
For versions up to 2.146.1, update to a version past 2.146.1 to fix the vulnerability.
For versions between 2.143.61 and 2.146.1, apply patches starting from 2.143.61 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Haloitsm