CVE-2020-28947

on github

Published

November 19, 2020

Severity

CVSS v3:

6.1 MEDIUM

CVSS v2:

4.3 MEDIUM

Description

In MISP 2.4.134, XSS exists in the template element index view because the id parameter is mishandled.

References

https://github.com/MISP/MISP/commit/626ca544ffb5604ea01bb291f69811668b6b5631

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:misp:misp:2.4.134:::::::*	n/a	n/a	2.4.134

External Links

NVD - CVE-2020-28947