mirror of https://github.com/MISP/MISP
60c85b80e3
- low probability XSS in the cerebrate view's URL field - a malicious administrator could set a javascript: url - another administrator would have to click the suspicious looking URL to be affected - As reported by Dawid Czarnecki of Zigrin Security on behalf of the Luxembourg Army |
||
---|---|---|
.. | ||
Fields | ||
child.ctp | ||
single_view.ctp |