Misp: >> Misp >> 2.4.134 Security Vulnerabilities
MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and app/Model/GalaxyElement.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-11-24
In MISP 2.4.134, XSS exists in the template element index view because the id parameter is mishandled.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-11-19
Page 4