3 matches found
MISP cross-site scripting vulnerability (CNVD-2017-36544)
MISP is a suite of open source software solutions for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in the 'sharingGroupPopulateOrganisations' function in the...
Design/Logic Flaw
In the sharingGroupPopulateOrganisations function in app/webroot/js/misp.js in MISP 2.4.82, there is XSS via a crafted organisation name that is manually added...
CVE-2017-16802
In the sharingGroupPopulateOrganisations function in app/webroot/js/misp.js in MISP 2.4.82, there is XSS via a crafted organisation name that is manually added...