CVE-2017-13671
N/A
N/A
Summary
app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/100533
- https://github.com/MISP/MISP/commit/6eba658d4a648b41b357025d864c19a67412b8aa
References
- http://www.securityfocus.com/bid/100533
- https://github.com/MISP/MISP/commit/6eba658d4a648b41b357025d864c19a67412b8aa
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.