3 matches found
PT-2022-19684 · Misp · Misp
Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.4.158 Description: An issue was discovered in the UsersController.php file, where password confirmation can be bypassed via vectors involving an "Accept: application/json" header. Recommendations: For versions prior t...
PT-2022-19681 · Misp · Misp
Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.4.158 Description: An issue was discovered in the event graph via a tag name, allowing stored XSS. Recommendations: For versions prior to 2.4.158, update to version 2.4.158 or later to resolve the issue. As a temporar...
PT-2022-19679 · Misp · Misp
Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.4.158 Description: An issue was discovered in MISP, where there is stored XSS via the LinOTP login field. Recommendations: For versions prior to 2.4.158, update to version 2.4.158 or later to resolve the issue. As a...