PT-2024-37445 · Haloitsm · Haloitsm
Name of the Vulnerable Software and Affected Versions: HaloITSM versions up to 2.146.1 Description: The issue is a Stored Cross-Site Scripting XSS vulnerability, where injected JavaScript code can execute arbitrary actions on behalf of the user accessing a ticket. Recommendations: For HaloITSM...