12 matches found
EUVD-2023-28090
Malicious code in bioql PyPI...
CVE-2023-28607
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip...
CVE-2023-28606
js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips...
Design/Logic Flaw
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip...
CVE-2023-28607
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip...
CVE-2023-24026
In MISP 2.4.167, app/webroot/js/event-graph.js has an XSS vulnerability via an event-graph preview payload...
Cross site scripting
In MISP 2.4.167, app/webroot/js/event-graph.js has an XSS vulnerability via an event-graph preview payload...
CVE-2023-24026
In MISP 2.4.167, app/webroot/js/event-graph.js has an XSS vulnerability via an event-graph preview payload...
CVE-2023-24026
In MISP 2.4.167, app/webroot/js/event-graph.js has an XSS vulnerability via an event-graph preview payload...
CVE-2023-24026
CVE-2023-24026 affects MISP 2.4.167, specifically the file app/webroot/js/event-graph.js where an event-graph preview payload enables a Cross-Site Scripting (XSS) vulnerability. The root cause is an XSS in the event-graph preview flow, with the vulnerability described across multiple feeds (NVD, ...
Cross site scripting
In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnerability exists in the event-graph view when a user toggles the event graph view. A malicious MISP event must be crafted in order to trigger the vulnerability...
CVE-2019-14286
In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnerability exists in the event-graph view when a user toggles the event graph view. A malicious MISP event must be crafted in order to trigger the vulnerability...