MISP – Reflected XSS
MISP – Reflected XSS in “uploadFile” action of the Templates controller
CIRCL – Computer Incident Response Center Luxembourg
Update to MISP v2.4.167
The MISP is an Open Source Threat Intelligence Platform meant for sharing security-related information between various organizations. MISP is supported financially and in terms of resources by Computer Incident Response Center Luxembourg – CIRCL
The “uploadFile” action of the Templates controller is vulnerable to Reflected Cross-Site Scripting attack.
This vulnerability was detected with help of Cake Fuzzer: https://github.com/Zigrin-Security/CakeFuzzer
Do you think the security of your data might be lacking? Let's find the best approach together.
Once you contact us, we will ask you about the project you want to secure.