EUVD-2021-12222

Malware in sbrugna...

The vulnerability in the `app/View/GalaxyElements/ajax/index.ctp` component of the MISP threat analysis and information sharing platform allows a perpetrator to execute cross-site scripting (XSS) attacks.

The vulnerability in the app/View/GalaxyElements/ajax/index.ctp component of the MISP threat analysis and information sharing platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks...

CVE-2021-37743

app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format...

MISP 跨站脚本漏洞

MISP is an open source software solution. The product is used to collect, store, distribute, and share network security metrics, and has features such as threat network security event analysis and malware analysis. A cross-site scripting vulnerability exists in MISP, which stems from...

MISP 跨站脚本漏洞

MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in MISP version 2.4.136, which originates in...

MISP 安全漏洞

MISP is an open source software solution for collecting, storing, distributing and sharing cybersecurity metrics and threats related to cybersecurity event analysis and malware analysis. An ACL checking deficiency vulnerability exists in MISP versions prior to 2.4.135 related to...