Misp · Misp · CVE-2017-13671
**Name of the Vulnerable Software and Affected Versions**
MISP versions prior to 2.4.79
**Description**
The issue is related to persistent XSS via comments in the `app/View/Helper/CommandHelper.php` file. It affects users of the same instance, as the comment field is not part of the MISP synchronization.
**Recommendations**
For versions prior to 2.4.79, update to version 2.4.79 or later to resolve the issue.