CVE-2021-37743
app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format.
Date published : 2021-07-29
https://github.com/MISP/MISP/commit/f318f7c0ddac7dfd2b1f246fd8f488d9dfc3a4bf
app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format.
Date published : 2021-07-29
https://github.com/MISP/MISP/commit/f318f7c0ddac7dfd2b1f246fd8f488d9dfc3a4bf