Zurück zur CVE-Übersicht
CVE-2015-5720
MEDIUM(4.3)AV:N/AC:M/Au:N/C:N/I:P/A:N
Risk Signal Score11/100 — NIEDRIG
- CVSS 4.3 — Mittel
EPSS-Score
1%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
4.3
Technische Schwere
Beschreibung
Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) before 2.3.90 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js.
Referenzen
- http://www.securityfocus.com/bid/92738
- https://github.com/MISP/MISP/commit/812ac878c3645c02e2a599287117418424cbd4cf
- https://www.circl.lu/advisory/CVE-2015-5720/
- http://www.securityfocus.com/bid/92738
- https://github.com/MISP/MISP/commit/812ac878c3645c02e2a599287117418424cbd4cf
- https://www.circl.lu/advisory/CVE-2015-5720/