6 matches found

NVD
added 2026/06/12 9:16 p.m. · 10 views

CVE-2026-54394

MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and uuid without ensuring that the resolved file remains inside the intended APP/files/img/orgs/...

CVSS 5.3 · EPSS 0.00319
Exploits 0 · References 1
EUVD
added 2026/06/12 8:30 p.m. · 8 views

EUVD-2026-36563

MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and uuid without ensuring that the resolved file remains inside the intended APP/files/img/orgs/...

CVSS 5.3 · AI score 5.6 · EPSS 0.00319
Exploits 0 · References 1
Positive Technologies
added 2026/06/12 12:0 a.m. · 15 views

PT-2026-48996

Name of the Vulnerable Software and Affected Versions: MISP, affected versions not specified. Description: A path traversal issue exists in the getOrgLogo function of the OrganisationsController. The software constructs file paths for organization logos using fields controlled by the organization, su...

CVSS 5.3 · AI score 5.4 · EPSS 0.00319
Exploits 0 · References 3
ATTACKERKB
added 2022/04/20 11:15 p.m. · 2 views

CVE-2022-29533

An issue was discovered in MISP before 2.4.158. There is XSS in app/Controller/OrganisationsController.php in a situation with a "weird single checkbox page."...

CVSS 6.1 · AI score 5.9 · EPSS 0.00776
Exploits 0 · References 4
Prion
added 2022/04/20 11:15 p.m. · 16 views

Design/Logic Flaw

An issue was discovered in MISP before 2.4.158. There is XSS in app/Controller/OrganisationsController.php in a situation with a "weird single checkbox page."...

CVSS 4.3 · AI score 5.9 · EPSS 0.00776
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2022/04/20 12:0 a.m. · 4 views

PT-2022-19683 · Misp · Misp

Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.4.158. Description: The issue is related to a Cross-Site Scripting (XSS) vulnerability in the app/Controller/OrganisationsController.php file, specifically in situations involving a "weird single checkbox page."...

CVSS 6.1 · AI score 5.9 · EPSS 0.00776
Exploits 0 · References 7