CVE-2024-21838

Improper neutralization of special elements in output CWE-74 used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre. This issue affects: Gallagher Command Centre 9.00 prior to vEL9.00.1774 MR2, 8.90 prior to...

PT-2023-19049 · Gallagher · Gallagher Command Centre

Name of the Vulnerable Software and Affected Versions: Gallagher Command Centre versions 8.80 and prior Gallagher Command Centre versions 8.90 prior to vEL8.90.1620 MR2 Description: The Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed, leading to...