Stored XSS vulnerability in MISP 2.4.147 allows malicious code execution when viewing galaxy cluster relationships

Stored XSS vulnerability in MISP 2.4.147 allows malicious code execution when viewing galaxy cluster relationships

CVE-2021-37742 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

app/View/Elements/GalaxyClusters/view_relation_tree.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster relationships.

Learn more about our Web Application Penetration Testing UK.