CVE-2022-27246

on github

Published

March 18, 2022

Severity

CVSS v3:

6.1 MEDIUM

CVSS v2:

4.3 MEDIUM

Description

An issue was discovered in MISP before 2.4.156. An SVG org logo (which may contain JavaScript) is not forbidden by default.

References

https://github.com/MISP/MISP/commit/08a07a38ae81f3b55d81cfcd4501ac1eb1c9c4dc

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:misp:misp::::::::	n/a	2.4.156	*

External Links

NVD - CVE-2022-27246