Vulnerability Details CVE-2021-37742
app/View/Elements/GalaxyClusters/view_relation_tree.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster relationships.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.0%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
- https://github.com/MISP/MISP/commit/af50add82433eb2a740c3621b99d9d14d2b1e192
- https://zigrin.com/advisories/misp-stored-xss-when-viewing-galaxy-cluster-relationships/
- https://github.com/MISP/MISP/commit/af50add82433eb2a740c3621b99d9d14d2b1e192
- https://zigrin.com/advisories/misp-stored-xss-when-viewing-galaxy-cluster-relationships/