CVE-2022-47928

In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/uploadfile.ctp...

MISP 跨站脚本漏洞

MISP is an open source software solution. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP version 2.4.167 and prior versions. An attacker...

CVE-2023-24027

In MISP 2.4.167, app/webroot/js/actiontable.js allows XSS via a network history name...

CVE-2023-24026

In MISP 2.4.167, app/webroot/js/event-graph.js has an XSS vulnerability via an event-graph preview payload...

CVE-2023-24028

In MISP 2.4.167, app/Controller/Component/ACLComponent.php has incorrect access control for the decaying import function...

Design/Logic Flaw

In MISP 2.4.167, app/webroot/js/actiontable.js allows XSS via a network history name...

MISP 跨站脚本漏洞

MISP is an open source software solution. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in MISP version 2.4.167. An attacker exploits...

PT-2023-19369 · Misp · Misp

Name of the Vulnerable Software and Affected Versions: MISP version 2.4.167 Description: The issue concerns incorrect access control in the ACLComponent.php file for the decaying import function. This affects the app/Controller/Component/ACLComponent.php component. Recommendations: For MISP versi...

MISP 跨站脚本漏洞

MISP is an open source software solution. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.4.167, which stems from XSS i...