exploitDog

CVE-2020-13153

Опубликовано: 18 мая 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 has XSS in the resolved attributes view.

Ссылки

https://github.com/MISP/MISP/commit/2989aa05225aa9b3a592ca50cbf8350ef256909c
Patch
Third Party Advisory
https://github.com/MISP/MISP/compare/v2.4.125...v2.4.126
Release Notes
Third Party Advisory
https://github.com/MISP/MISP/commit/2989aa05225aa9b3a592ca50cbf8350ef256909c
Patch
Third Party Advisory
https://github.com/MISP/MISP/compare/v2.4.125...v2.4.126
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:misp:misp:*:*:*:*:*:*:*:*

Версия до 2.4.126 (исключая)

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-r35w-x8hj-pw5h

github

больше 3 лет назад

app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 has XSS in the resolved attributes view.

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79