Affected configuration(s):


Date published: 2017-08-24T15:29:00.250-04:00

Date last modified: 2017-09-05T14:56:33.737-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL:

Summary: app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.