5 matches found
CVE-2024-58128
creationtimestamp| type| source ---|---|--- 2025-03-28 22:28:26+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9487 2025-03-29 00:26:57+00:00| seen| https://t.me/cvedetector/21480...
CVE-2024-58128
In MISP before 2.4.193, menucustomrightlink parameters can be set via the UI i.e., without using the CLI and thus attackers with admin privileges can conduct XSS attacks via a global menu link...
CVE-2024-58128
In MISP before 2.4.193, menucustomrightlink parameters can be set via the UI i.e., without using the CLI and thus attackers with admin privileges can conduct XSS attacks via a global menu link...
CVE-2024-58128
CVE-2024-58128 (MISP) affects MISP prior to 2.4.193. The issue allows attackers with admin privileges to perform cross-site scripting (XSS) through the menu_custom_right_link parameter set via the UI (no CLI). The root cause is an insufficiency in input validation/handling of that parameter, enab...
CVE-2024-58128
In MISP before 2.4.193, menucustomrightlink parameters can be set via the UI i.e., without using the CLI and thus attackers with admin privileges can conduct XSS attacks via a global menu link...