216 matches found
CVE-2020-37041
CVE-2020-37041 is confirmed in OpenCTI 3.3.1 to have a directory traversal vulnerability via the /static/css endpoint. An unauthenticated attacker can read arbitrary filesystem files by crafting GET requests containing path traversal sequences (for example, /static/css//../../../../../../../../et...
OpenCTI path traversal vulnerability
OpenCTI is an open-source network threat intelligence platform developed by OpenCTI. Version 3.3.1 of OpenCTI contains a path traversal vulnerability. This vulnerability stems from directory traversal in static/css endpoints, which may allow unverified attackers to read arbitrary files...
OpenCTI cross-site scripting vulnerabilities
OpenCTI is an open-source open network threat intelligence platform. Version 3.3.1 of OpenCTI contains a cross-site scripting vulnerability. This vulnerability stems from a reflective cross-site scripting in the graphql endpoint, which may allow JavaScript code to be executed in the victim’s...
PT-2026-5484
Name of the Vulnerable Software and Affected Versions OpenCTI version 3.3.1 Description OpenCTI is susceptible to a reflected cross-site scripting XSS attack through the /graphql API endpoint. An attacker can inject malicious JavaScript code by sending a specially crafted GET request with a paylo...
CVE-2025-61782
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint /auth/saml/callback. By manipulating the RelayState parameter, an attacker can...
CVE-2025-61782
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint /auth/saml/callback. By manipulating the RelayState parameter, an attacker can...
EUVD-2025-206265
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint /auth/saml/callback. By manipulating the RelayState parameter, an attacker can...
CVE-2025-61782 Open Redirect in OpenCTI's SAML Authentication Flow
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint /auth/saml/callback. By manipulating the RelayState parameter, an attacker can...
CVE-2025-61782
OpenCTI prior to version 6.8.3 contains an open redirect in the SAML callback endpoint (/auth/saml/callback). By manipulating the RelayState parameter, an attacker can trigger a 302 redirect to an arbitrary external URL, enabling phishing and credential theft. Remediation: upgrade to version 6.8....
CVE-2025-61782 Open Redirect in OpenCTI's SAML Authentication Flow
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint /auth/saml/callback. By manipulating the RelayState parameter, an attacker can...
CVE-2025-61782 Open Redirect in OpenCTI's SAML Authentication Flow
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint /auth/saml/callback. By manipulating the RelayState parameter, an attacker can...
PT-2026-1834
Name of the Vulnerable Software and Affected Versions OpenCTI versions prior to 6.8.3 Description OpenCTI is a platform for managing cyber threat intelligence knowledge. A flaw exists in the SAML authentication endpoint /auth/saml/callback that allows for open redirection. Manipulating the...
OpenCTI 输入验证错误漏洞
OpenCTI is an open source cyber threat intelligence platform from OpenCTI. An input validation error vulnerability exists in OpenCTI versions prior to 6.8.3 that stems from improper manipulation of the RelayState parameter in the SAML authentication endpoint, which could lead to an open redirecti...
CVE-2025-61781
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.1, the GraphQL mutation "WorkspacePopoverDeletionMutation" allows users to delete workspace-related objects such as dashboards and investigation cases. However, the mutation...
PYSEC-2026-116
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.1, the GraphQL mutation "WorkspacePopoverDeletionMutation" allows users to delete workspace-related objects such as dashboards and investigation cases. However, the mutation...
PYSEC-2026-116
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.1, the GraphQL mutation "WorkspacePopoverDeletionMutation" allows users to delete workspace-related objects such as dashboards and investigation cases. However, the mutation...
CVE-2025-61781 GraphQL IDOR allows authenticated user to delete workspace content of other users
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.1, the GraphQL mutation "WorkspacePopoverDeletionMutation" allows users to delete workspace-related objects such as dashboards and investigation cases. However, the mutation...
CVE-2025-61781
OpenCTI prior to 6.8.1 is affected by an authorization flaw in the GraphQL mutation WorkspacePopoverDeletionMutation, which allows an authenticated user to delete workspace objects (dashboards, investigation cases) belonging to other users. The API does not verify ownership, enabling unauthorized...
CVE-2025-61781 GraphQL IDOR allows authenticated user to delete workspace content of other users
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.1, the GraphQL mutation "WorkspacePopoverDeletionMutation" allows users to delete workspace-related objects such as dashboards and investigation cases. However, the mutation...
EUVD-2025-206242
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.1, the GraphQL mutation "WorkspacePopoverDeletionMutation" allows users to delete workspace-related objects such as dashboards and investigation cases. However, the mutation...