4 matches found
CVE-2024-58129
In MISP before 2.4.193, menucustomrightlinkhtml parameters can be set via the UI i.e., without using the CLI and thus attackers with admin privileges can conduct XSS attacks against every page...
CVE-2024-58129
In MISP before 2.4.193, menucustomrightlinkhtml parameters can be set via the UI i.e., without using the CLI and thus attackers with admin privileges can conduct XSS attacks against every page...
CVE-2024-58129
CVE-2024-58129 affects MISP prior to version 2.4.193. The issue allows attackers with admin privileges to set menu_custom_right_link_html through the UI (not the CLI), enabling cross-site scripting on every page. The risk description in the connected documents confirms XSS across pages due to thi...
CVE-2024-58129
In MISP before 2.4.193, menucustomrightlinkhtml parameters can be set via the UI i.e., without using the CLI and thus attackers with admin privileges can conduct XSS attacks against every page...