CVE-2018-11562

An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on the deleted attributes quick filter...

MISP Cross-Site Scripting Vulnerability (CNVD-2018-10053)

MISP is a suite of open source software solutions for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in the app/webroot/js/misp.js file in MISP version 2.4.91. A remote...

Cross site scripting

app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex type attributes...

CVE-2018-11245

app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex type attributes...

CVE-2018-11245

app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex type attributes...

CVE-2018-11245

CVE-2018-11245 affects MISP 2.4.91, with a DOM-based XSS flaw in app/webroot/js/misp.js related to cortex type attributes. The vulnerability allows injection of arbitrary scripts in web pages rendered by MISP; CVSS v3.0 base score 6.1 (Network, Low complexity, User interaction Required, Confident...