cvedb.io
CVE-2017-13671
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2017-08-24T19:29:00.250 · Last modified 2026-06-22T19:23:18.580

Summary

app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation.

Affected products

misp-project — misp

Does this affect you?

Add your gear to cvedb and we'll alert you only when misp-project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.