{"id":"CVE-2020-28947","details":"In MISP 2.4.134, XSS exists in the template element index view because the id parameter is mishandled.","modified":"2026-07-08T20:42:30.279586Z","published":"2020-11-19T18:15:15.163Z","references":[{"type":"FIX","url":"https://github.com/MISP/MISP/commit/626ca544ffb5604ea01bb291f69811668b6b5631"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/misp/misp","events":[{"introduced":"158036f525fb494079efb01d35246a3eced184ea"},{"last_affected":"158036f525fb494079efb01d35246a3eced184ea"},{"fixed":"626ca544ffb5604ea01bb291f69811668b6b5631"}],"database_specific":{"cpe":"cpe:2.3:a:misp-project:misp:2.4.134:*:*:*:*:*:*:*","extracted_events":[{"introduced":"2.4.134"},{"last_affected":"2.4.134"}],"source":["CPE_STRING","REFERENCES"]}}],"versions":["2.4.134","v2.4.134"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-28947.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}