Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) prior to 2.3.90 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
misp-project malware information sharing platform |