CVE-2024-6202
HaloITSM versions up to 2.146.1 are affected by a SAML XML Signature Wrapping XSW vulnerability. When having a SAML integration configured, anonymous actors could impersonate arbitrary HaloITSM users by just knowing their email address. HaloITSM versions past 2.146.1 and patches starting from...