CVE-2024-54675

medium

Description

app/webroot/js/workflows-editor/workflows-editor.js in MISP through 2.5.2 has stored XSS in the editor interface for an ad-hoc workflow.

References

https://github.com/MISP/MISP/commit/e02c2b864a85d14d64adf9f878f9c7b2bdd15173

Details

Source: Mitre, NVD

Published: 2024-12-04

Updated: 2024-12-05

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium