CVE-2018-11562

MISP/MISP

on github

Published

May 30, 2018

Severity

CVSS v3:

6.1 MEDIUM

CVSS v2:

4.3 MEDIUM

Description

An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on the deleted attributes quick filter.

References

https://github.com/MISP/MISP/commit/10080096879d1076756f62760d6daf582b6db722

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:misp:misp:2.4.91:::::::*	n/a	n/a	2.4.91

External Links

NVD - CVE-2018-11562