CVE-2022-29529
CVE-2022-29529 affects the MISP project prior to 2.4.158, with a stored XSS in the LinOTP login field. Root cause: insufficient input validation and output of user-supplied data in that field. Impact: potential execution of JavaScript in affected users’ browsers. Remediation: upgrade to MISP 2.4....