CVE-2015-5720

MISP/MISP
on github

Published

Severity

CVSS v3:
6.1 MEDIUM
CVSS v2:
4.3 MEDIUM

Description

Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) before 2.3.90 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js.

References

Configurations

CPE23Version StartVersion EndExact Version
cpe:2.3:a:misp-project:malware_information_sharing_platform:*:*:*:*:*:*:*:*n/a2.3.89 (including)*

External Links