chg: [blog] CVE link added

iglocska-patch-1
Alexandre Dulaunoy 2019-03-28 20:46:32 +01:00
parent ccddb38cf3
commit f10ad3fdaf
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 2 additions and 2 deletions

View File

@ -4,9 +4,9 @@ layout: post
featured: /assets/images/misp/blog/distribution-graph.png
---
A new version of MISP ([2.4.105](https://github.com/MISP/MISP/tree/v2.4.105)) has been released to fix a security vulnerability (CVE-2019-10254) in addition to some minor improvements and a fix for the STIX 1.1 import, enabling the import of files with additional namespaces (such as [CISCP](https://www.dhs.gov/cisa/cyber-information-sharing-and-collaboration-program-ciscp)).
A new version of MISP ([2.4.105](https://github.com/MISP/MISP/tree/v2.4.105)) has been released to fix a security vulnerability ([CVE-2019-10254](https://cve.circl.lu/cve/CVE-2019-10254)) in addition to some minor improvements and a fix for the STIX 1.1 import, enabling the import of files with additional namespaces (such as [CISCP](https://www.dhs.gov/cisa/cyber-information-sharing-and-collaboration-program-ciscp)).
This release includes a security fix for a reflected XSS (CVE-2019-10254) vulnerability in the default layout template as reported by Tuscany Internet eXchange - Misp Team - TIX CyberSecurity (Thanks to them!). We strongly recommend that everyone update their MISPs to the latest version.
This release includes a security fix for a reflected XSS ([CVE-2019-10254](https://cve.circl.lu/cve/CVE-2019-10254)) vulnerability in the default layout template as reported by Tuscany Internet eXchange - Misp Team - TIX CyberSecurity (Thanks to them!). We strongly recommend that everyone update their MISPs to the latest version.
The STIX 1.1 import can now import STIX files using additional, non-standard namespaces (such as [CISCP](https://www.dhs.gov/cisa/cyber-information-sharing-and-collaboration-program-ciscp)).