CVE-2022-27244
The CVE-2022-27244 issue affects MISP prior to 2.4.156. The vulnerability is a stored XSS in the custom authentication name, exploitable when an administrator modifies a user. Multiple connected sources (Red Hat, CNVD, OSV, CNVD, CVE lists) corroborate that an attacker with site-admin privileges ...