CVE-2017-16802
on github
Published
Severity
CVSS v3:
5.4 MEDIUM
CVSS v2:
3.5 LOW
Description
In the sharingGroupPopulateOrganisations function in app/webroot/js/misp.js in MISP 2.4.82, there is XSS via a crafted organisation name that is manually added.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:misp-project:misp:2.4.82:*:*:*:*:*:*:* | n/a | n/a | 2.4.82 |