MISP is an open source software solution. The product is used to collect, store, distribute, and share network security metrics, and has features such as threat network security event analysis and malware analysis. cross-site scripting vulnerabilities exist in versions of MISP prior to 2.4.158, which can be exploited by attackers to execute malicious code, tamper with pages to implement phishing attacks, and lure users to log in again and then obtain their login credentials.