Persistent XSS Vulnerability in MISP before 2.4.107 Allows JavaScript Injection via Discussion Interface
CVE-2019-11812 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
A persistent XSS issue was discovered in app/View/Helper/CommandHelper.php in MISP before 2.4.107. JavaScript can be included in the discussion interface, and can be triggered by clicking on the link.
Learn more about our Web Application Penetration Testing UK.