Vulnerabilities > Haloservicesolutions > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2024-6200 | Cross-site Scripting vulnerability in Haloservicesolutions Haloitsm HaloITSM versions up to 2.146.1 are affected by a Stored Cross-Site Scripting (XSS) vulnerability. | 5.4 |
| 2024-08-06 | CVE-2024-6201 | Unspecified vulnerability in Haloservicesolutions Haloitsm 2.143.8/2.144/2.146 HaloITSM versions up to 2.146.1 are affected by a Template Injection vulnerability within the engine used to generate emails. | 5.3 |