CVE-2024-21838

🗓️ 05 Mar 2024 03:11:55Reported by GallagherType

Improper neutralization of special elements in output (CWE-74) in Command Centre Server email generation featur

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2024-21838	5 Mar 202404:27	–	circl
CNNVD	Gallagher Command Centre Cross-Site Scripting Vulnerability	5 Mar 202400:00	–	cnnvd
Cvelist	CVE-2024-21838	5 Mar 202403:11	–	cvelist
EUVD	EUVD-2024-19450	3 Oct 202520:07	–	euvd
NVD	CVE-2024-21838	5 Mar 202403:15	–	nvd
OSV	CVE-2024-21838	5 Mar 202403:15	–	osv
Prion	Code injection	5 Mar 202403:15	–	prion
Positive Technologies	PT-2024-19085 · Gallagher · Gallagher Command Centre	4 Mar 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-21838	23 May 202508:26	–	redhatcve
Vulnrichment	CVE-2024-21838	5 Mar 202403:11	–	vulnrichment

NVD

Node

gallagher command_centreRange≤8.60

gallagher command_centreRange8.70–8.70.2526

gallagher command_centreRange8.80–8.80.1526

gallagher command_centreRange8.90–8.90.1751

gallagher command_centreRange9.00–9.00.1774

[
  {
    "defaultStatus": "unaffected",
    "product": "Command Centre Server",
    "vendor": "Gallagher ",
    "versions": [
      {
        "lessThanOrEqual": "8.60",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "vEL9.00.1774 (MR2)",
        "status": "affected",
        "version": "9.00",
        "versionType": "custom"
      },
      {
        "lessThan": "vEL8.90.1751 (MR3)",
        "status": "affected",
        "version": "8.90",
        "versionType": "custom"
      },
      {
        "lessThan": "vEL8.80.1526 (MR4)",
        "status": "affected",
        "version": "8.80",
        "versionType": "custom"
      },
      {
        "lessThan": "vEL8.70.2526",
        "status": "affected",
        "version": "8.70",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
security	www.security.gallagher.com/en-NZ/Security-Advisories/CVE-2024-21838

10 Feb 2025 22:33Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.15.4 - 6.8

EPSS0.0032

SSVC