CVE-2021-37743

on github

Published

July 30, 2021

Severity

CVSS v3:

5.4 MEDIUM

CVSS v2:

3.5 LOW

Description

app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format.

References

https://github.com/MISP/MISP/commit/f318f7c0ddac7dfd2b1f246fd8f488d9dfc3a4bf

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:misp:misp:2.4.147:::::::*	n/a	n/a	2.4.147

External Links

NVD - CVE-2021-37743