CVE-2018-11562
NONE EPSS 52.3%
Published May 30, 20188y ago · Modified Jun 22, 20261w ago
Published May 30, 2018 8y ago
Last Modified Jun 22, 2026 1w ago
Description
An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on the deleted attributes quick filter.
Threat Intelligence
EPSS Exploit Probability
52.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| misp-project | misp | 2.4.91 | any |
References 1
- github.com https://github.com/MISP/MISP/commit/10080096879d1076756f62760d6daf582b6db722
Remediation
- github.com https://github.com/MISP/MISP/commit/10080096879d1076756f62760d6daf582b6db722