Date published: 2017-08-24T15:29:00.250-04:00
Date last modified: 2017-09-05T14:56:33.737-04:00
CVSS Score: 4.3
Principal attack vector: NETWORK
Reference URL: http://www.securityfocus.com/bid/100533
Summary: app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation.