12 matches found
EUVD-2021-12222
Malware in sbrugna...
EUVD-2021-12221
Malware in sbrugna...
EUVD-2024-54332
Malicious code in bioql PyPI...
EUVD-2022-31753
Malicious code in bioql PyPI...
CVE-2023-28884
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index...
CVE-2022-29533
An issue was discovered in MISP before 2.4.158. There is XSS in app/Controller/OrganisationsController.php in a situation with a "weird single checkbox page."...
CVE-2021-25325
MISP 2.4.136 has XSS via galaxy cluster element values to app/View/GalaxyElements/ajax/index.ctp. Reference types could contain javascript: URLs...
CVE-2020-13153
app/View/Events/resolvedattributes.ctp in MISP before 2.4.126 has XSS in the resolved attributes view...
CVE-2024-58129
CVE-2024-58129 affects MISP prior to version 2.4.193. The issue allows attackers with admin privileges to set menu_custom_right_link_html through the UI (not the CLI), enabling cross-site scripting on every page. The risk description in the connected documents confirms XSS across pages due to thi...
CVE-2024-54674
app/View/GalaxyClusters/clusterexportmispgalaxy.ctp in MISP through 2.5.2 has stored XSS when exporting custom clusters into the misp-galaxy format...
PT-2023-19368 · Misp · Misp
Name of the Vulnerable Software and Affected Versions: MISP version 2.4.167 Description: The issue allows for XSS via a network history name in the app/webroot/js/action table.js file. Recommendations: For MISP version 2.4.167, consider disabling the action table.js script until a patch is...
CVE-2020-28947
In MISP 2.4.134, XSS exists in the template element index view because the id parameter is mishandled...