In MISP 2.4.167, app/webroot/js/event-graph.js has an XSS vulnerability via an event-graph preview payload.
6.1CVSS
6AI Score
0.001EPSS
In MISP 2.4.167, app/Controller/Component/ACLComponent.php has incorrect access control for the decaying import function.
9.8CVSS
9.4AI Score
0.002EPSS