CVE-2020-10246

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-10246

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-10246.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-10246

Published

2020-03-09T19:15:15.240Z

Modified

2026-04-10T04:18:28.712920Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

MISP 2.4.122 has reflected XSS via unsanitized URL parameters. This is related to app/View/Users/statistics_orgs.ctp.

References

Affected packages

Git / github.com/misp/misp

Affected ranges

Type

GIT

Repo

https://github.com/misp/misp

Events

Introduced

Last affected

5bef9d03a95517f90b11e6a488a7fee1f9335f3c

Fixed

43a0757fb33769d9ad4ca09e8f2ac572f9f6a491

Fixed

eaf50ed47e90f0f727034bea2149a3862ef48e31

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.122"
        }
    ]
}

Affected versions

Other

codename/tellurium

v0.*

v0.2

v2.*

v2.3.0

v2.4.0

v2.4.1

v2.4.10

v2.4.100

v2.4.101

v2.4.102

v2.4.106

v2.4.107

v2.4.109

v2.4.11

v2.4.110

v2.4.111

v2.4.118

v2.4.120

v2.4.121

v2.4.122

v2.4.13

v2.4.14

v2.4.15

v2.4.16

v2.4.17

v2.4.18

v2.4.2

v2.4.20

v2.4.21

v2.4.22

v2.4.23

v2.4.24

v2.4.25

v2.4.26

v2.4.27

v2.4.3

v2.4.34

v2.4.35

v2.4.36

v2.4.37

v2.4.38

v2.4.39

v2.4.4

v2.4.43

v2.4.45

v2.4.46

v2.4.47

v2.4.48

v2.4.5

v2.4.50

v2.4.51

v2.4.52

v2.4.53

v2.4.54

v2.4.56

v2.4.57

v2.4.58

v2.4.59

v2.4.60

v2.4.61

v2.4.62

v2.4.63

v2.4.64

v2.4.65

v2.4.7

v2.4.78

v2.4.80

v2.4.82

v2.4.83

v2.4.85

v2.4.86

v2.4.87

v2.4.88

v2.4.89

v2.4.9

v2.4.91

v2.4.93

v2.4.94

v2.4.95

v2.4.96

v2.4.98

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-10246.json"