CVE-2017-13671 - Vulnerability in MISP (Malware Information Sharing Platform) and Threat Sharing - potential persistent cross site scripting vulnerability in the comments

  1. Cross site scripting vulnerability in the comments
  2. Fixes
  3. CVE
  4. Acknowledgement
  5. Classification of this document
  6. Revision

Cross site scripting vulnerability in the comments

In MISP 2.4.78 and below, a MISP user with access to a MISP instance can inject JavaScript into a comment field, resulting in persistent cross-site scripting (XSS).

The comment field is not part of MISP synchronisation, so the vulnerability only impacts users of the same instance.

Fixes

MISP versions below 2.4.79 are vulnerable. This vulnerability is fixed in version 2.4.79.

CVE

CVE-2017-13671

Acknowledgement

CIRCL would like to thank the reporters Jurgen Jans and Cedric Van Bockhaven from Deloitte.

Classification of this document

TLP:WHITE information may be distributed without restriction, subject to copyright controls.

Revision

  • Version 1.0 - TLP:WHITE - First version (20170825)