MISP is an open source software solution. The product is used to collect, store, distribute, and share network security metrics and has features such as threat network security event analysis and malware analysis. cross-site scripting vulnerability exists in versions prior to MISP 2.4.158, which stems from a lack of data validation filtering of user-supplied data and output in galaxy clusters. An attacker could use this vulnerability to execute JavaScript code on the client side.