← Back to CVE List
CVE-2017-13671
app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt