Vulnerability CVE-2024-36426
Published: 2024-05-27   Modified: 2024-05-28

Description:
In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session token is part of the URL and may be sent in a cleartext HTTP session.

 References:
https://community.targit.com/hc/en-us/articles/12618082416028-Change-Log-On-prem
https://github.com/DMCERTCE/DecisionSuite_Token_in_Url
Copyright 2026, cxsecurity.com

 

Back to Top