Misp · Misp · CVE-2021-36212
**Name of the Vulnerable Software and Affected Versions**
MISP versions prior to 2.4.146
**Description**
The issue allows stored XSS in the sharing groups view. This occurs due to a problem in the `app/View/SharingGroups/view.ctp` file.
**Recommendations**
For versions prior to 2.4.146, update to version 2.4.146 or later to resolve the issue. As a temporary workaround, consider restricting access to the `app/View/SharingGroups/view.ctp` file until a patch is applied.