CVE-2023-28884

In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index...

CVE-2023-28884

In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index...

Design/Logic Flaw

In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index...

CVE-2023-28884

In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index...

CVE-2023-28884

CVE-2023-28884: In MISP 2.4.169, the vulnerability resides in app/Lib/Tools/CustomPaginationTool.php, allowing cross-site scripting in the community index. The issue is documented across multiple sources (NVD/OSV/Red Hat) with the impact described as XSS and a base CVSS 3.1 score of 6.1 (Medium)....

PT-2023-22031 · Misp · Misp

Name of the Vulnerable Software and Affected Versions: MISP version 2.4.169 Description: The issue allows for XSS in the community index due to a vulnerability in the CustomPaginationTool.php file. Recommendations: For MISP version 2.4.169, update to a version that fixes the issue in the...

CVE-2023-28607

js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip...

CVE-2023-28606

js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips...

MISP 跨站脚本漏洞

MISP is an open source software solution. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.4.169. An attacker exploited...

PT-2023-21842 · Misp · Misp

Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.4.169 Description: The issue allows for XSS via event-graph node tooltips in the js/event-graph.js file. Recommendations: For versions prior to 2.4.169, update to version 2.4.169 or later to resolve the issue...