Lucene search
+L

86 matches found

NCSC
NCSC
added 2022/04/21 12:0 a.m.4 views

Vulnerabilities fixed in MISP

Vulnerabilities have been fixed in MISP. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Remote code execution Administrator/Root rights For these vulnerabilities, at the time of...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/04/20 11:15 p.m.3 views

CVE-2022-29530

An issue was discovered in MISP before 2.4.158. There is stored XSS in the galaxy clusters...

5.4CVSS5.9AI score0.0081EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/04/20 12:0 a.m.6 views

PT-2022-19684 · Misp · Misp

Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.4.158 Description: An issue was discovered in the UsersController.php file, where password confirmation can be bypassed via vectors involving an "Accept: application/json" header. Recommendations: For versions prior t...

7.5CVSS7.4AI score0.01566EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2022/03/18 6:15 p.m.2 views

CVE-2022-27244

An issue was discovered in MISP before 2.4.156. A malicious site administrator could store an XSS payload in the custom auth name. This would be executed each time the administrator modifies a user...

4.8CVSS5.7AI score0.0047EPSS
Exploits0References2
Circl
Circl
added 2022/01/28 8:21 p.m.6 views

CVE-2021-45897

creationtimestamp| type| source ---|---|--- 2022-01-28 20:21:48+00:00| seen| https://t.me/cibsecurity/36472 2022-01-31 20:11:56+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/1457 2025-08-31 03:00:55+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...

8.8CVSS7.3AI score0.04608EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2021/09/17 6:15 p.m.3 views

CVE-2021-41326

In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shellexec call...

9.8CVSS7.3AI score0.02134EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/08/19 12:0 a.m.6 views

MISP SQL注入漏洞

MISP is an open source software solution. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A SQL injection vulnerability exists in MISP. The vulnerability stems from an SQL injecti...

9.8CVSS8.5AI score0.00939EPSS
Exploits0References2
NCSC
NCSC
added 2021/07/28 12:0 a.m.7 views

Vulnerability fixed in MISP

A vulnerability has been fixed in MISP. A malicious party can exploit the exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application is visited. MISP has released updates ...

5.4CVSS6.7AI score0.00504EPSS
Exploits0
NCSC
NCSC
added 2021/07/06 12:0 a.m.10 views

Vulnerability fixed in MISP

A vulnerability has been fixed in MISP. An unauthenticated remote malicious person could exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. The developers have...

9.8CVSS6.3AI score0.01087EPSS
Exploits0
NCSC
NCSC
added 2021/01/22 12:0 a.m.8 views

Vulnerabilities fixed in MISP

Vulnerabilities have been fixed in MISP. The vulnerabilities allow a malicious person to bypass a security measure and perform a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. The developers of MIS...

9.1CVSS6.3AI score0.01312EPSS
Exploits0
Circl
Circl
added 2020/12/23 12:53 a.m.9 views

CVE-2020-29583

creationtimestamp| type| source ---|---|--- 2020-12-23 00:53:54+00:00| seen| https://t.me/cibsecurity/21192 2021-01-01 16:35:18+00:00| seen| https://t.me/cKure/3549 2021-01-01 16:38:04+00:00| seen| https://t.me/cKure/3550 2021-01-04 17:21:00+00:00| seen|...

10CVSS7.4AI score0.90049EPSS
Exploits2References14
CNNVD
CNNVD
added 2020/12/05 12:0 a.m.7 views

MISP 跨站脚本漏洞

MISP is an open source software solution for collecting, storing, distributing and sharing cybersecurity metrics and threats related to cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in...

6.1CVSS6.2AI score0.00765EPSS
Exploits0References2
NCSC
NCSC
added 2020/11/20 12:0 a.m.8 views

Vulnerability fixed in MISP

CIRCL has fixed a vulnerability in MISP. The vulnerability is located in the handling of templates and allows a malicious party to be able to launch a Cross-Site-Scripting attack XSS attack, potentially executing arbitrary code in the context of the browser. CIRCL has released updates to fix the...

6.1CVSS7.4AI score0.00802EPSS
Exploits0
CNVD
CNVD
added 2020/03/10 12:0 a.m.4 views

MISP Cross-Site Scripting Vulnerability (CNVD-2020-16634)

MISP is an open source software solution for collecting, storing, distributing and sharing cybersecurity metrics and threats related to cybersecurity event analysis and malware analysis. MISP 2.4.122 A reflected cross-site scripting vulnerability exists related to app/View/Users/statisticsorgs.ct...

6.1CVSS6.3AI score0.00835EPSS
Exploits0References1
Circl
Circl
added 2019/02/13 2:42 p.m.9 views

CVE-2019-7384

creationtimestamp| type| source ---|---|--- 2019-02-13 14:42:03+00:00| seen| MISP/5c642c58-4f08-4c74-ab2d-6ed50a021402 2024-01-09 12:29:58+00:00| seen| https://t.me/arpsyndicate/2745...

7.8CVSS7.5AI score0.03506EPSS
Exploits3References1
Circl
Circl
added 2019/02/13 2:35 p.m.20 views

CVE-2019-0595

creationtimestamp| type| source ---|---|--- 2019-02-13 14:35:53+00:00| seen| MISP/5c642a56-2440-4af0-8bfd-6e4a0a021402...

9.3CVSS8.5AI score0.19059EPSS
Exploits0
Circl
Circl
added 2019/01/28 3:10 p.m.9 views

CVE-2019-6220

creationtimestamp| type| source ---|---|--- 2019-01-28 15:10:00+00:00| seen| MISP/5c4f1a2e-1300-4391-87cf-19c50a021402...

5.5CVSS6.8AI score0.00933EPSS
Exploits0
CNVD
CNVD
added 2018/05/22 12:0 a.m.6 views

MISP Cross-Site Scripting Vulnerability (CNVD-2018-10053)

MISP is a suite of open source software solutions for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in the app/webroot/js/misp.js file in MISP version 2.4.91. A remote...

6.1CVSS6.1AI score0.00855EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/03/23 5:29 p.m.6 views

CVE-2018-8949

An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...

5.5CVSS5.6AI score0.00765EPSS
Exploits0References2
Circl
Circl
added 2017/03/29 12:0 a.m.17 views

CVE-2017-7310

creationtimestamp| type| source ---|---|--- 2017-03-29 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41773 2018-01-24 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43875 2018-05-29 15:50:33+00:00| seen|...

7.8CVSS7.5AI score0.53651EPSS
Exploits11References4
Rows per page
Query Builder