CVE-2015-5720
on github
Published
Severity
CVSS v3:
6.1 MEDIUM
CVSS v2:
4.3 MEDIUM
Description
Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) before 2.3.90 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:misp-project:malware_information_sharing_platform:*:*:*:*:*:*:*:* | n/a | 2.3.89 (including) | * |