121 matches found
CVE-2023-24028
CVE-2023-24028 affects MISP 2.4.167 where the decaying import function in app/Controller/Component/ACLComponent.php has incorrect access control. The CVSS 3.1 base score is 9.8 (CRITICAL) with network attack vector, no privileges, and no user interaction; impact to confidentiality, integrity, and...
CVE-2023-40224
CVE-2023-40224 affects MISP version 2.4.174, with a cross-site scripting vulnerability in app/View/Events/index.ctp. The available connected sources consistently describe an XSS issue due to insufficient input filtering/escaping, enabling arbitrary script execution via crafted payloads in the aff...
CVE-2020-13153
Summary: CVE-2020-13153 affects MISP prior to 2.4.126, with a cross-site scripting (XSS) vulnerability in the file app/View/Events/resolved_attributes.ctp used to render the resolved attributes view. Affected software/component: MISP (the resolved attributes view) before version 2.4.126. Root cau...
CVE-2022-29532
CVE-2022-29532 affects MISP prior to 2.4.158. There is a cross-site scripting vulnerability in the cerebrate view: if one administrator enters a javascript: URL in the URL field and another administrator clicks it, malicious JavaScript can be executed. The issue is reported across multiple source...
CVE-2022-27243
CVE-2022-27243 affects MISP versions before 2.4.156. The vulnerability is a Local File Inclusion in the view template app/View/Users/terms.ctp triggered via the custom terms file setting. This could allow an attacker to read local files through the terms functionality. The issue is fixed in 2.4.1...
CVE-2021-35502
CVE-2021-35502 affects MISP 2.4.144 where the file app/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp does not sanitize data related to generic-template:index. The issue is a data-sanitization flaw in a view component; NVD/NCSC/Red Hat records list this as a high-severity vulne...
CVE-2022-27244
The CVE-2022-27244 issue affects MISP prior to 2.4.156. The vulnerability is a stored XSS in the custom authentication name, exploitable when an administrator modifies a user. Multiple connected sources (Red Hat, CNVD, OSV, CNVD, CVE lists) corroborate that an attacker with site-admin privileges ...
CVE-2020-29572
CVE-2020-29572 affects MISP 2.4.135, with a cross-site scripting vulnerability in the file app/View/Elements/genericElements/SingleViews/Fields/genericField.ctp via the authkey comment field. The root cause is unsanitized input leading to XSS in the template rendering, enabling arbitrary script e...
CVE-2022-27245
CVE-2022-27245 affects MISP up to version 2.4.156. The issue is that app/Model/Server.php does not restrict generateServerSettings to the CLI, enabling potential SSRF from an attacker's input. Documented impact: SSRF with network scope and partial confidentiality/integrity/availability implicatio...
CVE-2021-37742
Summary: CVE-2021-37742 affects MISP 2.4.147 with a Stored XSS in the view file app/View/Elements/GalaxyClusters/view_relation_tree.ctp when viewing galaxy cluster relationships. The issue originates from that view template; exploitation could occur in the user’s browser when rendering the affect...
CVE-2020-8893
CVE-2020-8893 affects MISP prior to 2.4.121. The issue is in the Galaxy view (file: app/View/Galaxies/view.ctp) where a search string was not properly sanitized, enabling improper handling of input. Impact is described in the sources as a vulnerability in the Galaxy search functionality; explicit...
CVE-2024-29858
CVE-2024-29858 affects MISP prior to 2.4.187. The issue is in the uploadLogo function (app/Controller/OrganisationsController.php) which does not properly validate uploaded logos, i.e., it does not correctly check for a valid logo file. This could lead to unsafe logo uploads. Remediation: upgrade...
CVE-2021-25323
The CVE-2021-25323 issue concerns MISP version 2.4.136 where the default configuration did not require the current password (require_password_confirmation) when changing a password. Root cause: the default setting omits verification of the existing password during password changes. Impact: elevat...
CVE-2022-29531
CVE-2022-29531 affects MISP before 2.4.158, with a stored XSS in the event graph via a tag name. Root cause: tag names lack data validation/filters, enabling injected JavaScript on the client side. Impact per sources: possible client-side script execution; affected versions are prior to 2.4.158. ...
CVE-2020-24085
CVE-2020-24085 affects MISP v2.4.128 in app/Controller/UserSettingsController.php SetHomePage(); lack of validation in the path parameter enables cross-site scripting (XSS) by injecting JavaScript. Reported as an XSS with CVSSv2 base 4.3 (MEDIUM) and CVSSv3.1 base 6.1 (MEDIUM). Connected sources ...
CVE-2019-12794
The CVE concerns MISP 2.4.108 where organization admins can reset credentials for site admins, enabling credential abuse when host organizations create lower-privilege admins. An org admin could manually set a site admin password or use the site admin’s API key to impersonate them, with abuse res...
CVE-2020-8892
CVE-2020-8892 affects MISP prior to 2.4.121. The root cause is that the HTTP PUT method was not considered when blocking a brute-force series of invalid requests. CVSS scores indicate a high impact (3.1: 8.1) with network attack vector; substantial confidentiality, integrity, and availability imp...
CVE-2022-29530
CVE-2022-29530 – MISP stored XSS in galaxy clusters affects MISP versions prior to 2.4.158. The vulnerability arises from a lack of data validation/filtering of user-supplied data and its output in galaxy clusters, allowing an attacker to execute JavaScript in a victim’s browser (stored XSS). Pub...
CVE-2024-25675
CVE-2024-25675 affects MISP prior to 2.4.184. The issue allows a client to start an export generation process without using POST, related to files app/Controller/JobsController.php and app/View/Events/export.ctp. According to connected sources, this could enable unintended initiation of export ta...
CVE-2021-27904
The CVE-2021-27904 issue affects MISP 2.4.139, specifically in app/Model/SharingGroupServer.php within the Sharing Groups implementation. The root cause is that the implementation of the "all org" flag can grant view access to unintended actors, exposing sensitive information to unauthorized part...
CVE-2021-37743
CVE-2021-37743 affects MISP 2.4.147. The vulnerability is a Stored XSS in the view path app/View/GalaxyElements/ajax/index.ctp when rendering galaxy cluster elements in JSON format. The underlying issue is that user-supplied data is reflected in JSON output without proper sanitization, enabling s...
CVE-2020-8891
The CVE-2020-8891 entry concerns MISP prior to 2.4.121 where brute-force blocking failed to canonicalize usernames. This is a software-level input normalization flaw in the authentication/brute-force protection path that could enable bypass of rate-limiting or account blocking under certain inval...
CVE-2022-29533
CVE-2022-29533 affects MISP before 2.4.158 and is due to a cross-site scripting (XSS) flaw in the file app/Controller/OrganisationsController.php when handling a “weird single checkbox page.” Concrete details across connected sources confirm the vulnerable component and the impact is XSS; exploit...
CVE-2022-29529
CVE-2022-29529 affects the MISP project prior to 2.4.158, with a stored XSS in the LinOTP login field. Root cause: insufficient input validation and output of user-supplied data in that field. Impact: potential execution of JavaScript in affected users’ browsers. Remediation: upgrade to MISP 2.4....
CVE-2018-19908
Affected software: MISP 2.4.9x (pre-2.4.99). In the STIX 1 import path, the code in app/Model/Event.php uses an unescaped filename string to build a shell command. This enables an authenticated attacker to modify the STIX import filename to inject and execute arbitrary commands. Exploitation deta...
CVE-2022-29528
Occurrences across multiple sources confirm CVE-2022-29528: MISP before 2.4.158 is affected by PHAR deserialization. The root cause is PHAR deserialization in MISP; impact and exploit details are not explicitly described in the provided documents beyond the vulnerability description. Affected ver...
CVE-2020-10247
Vulnerability: CVE-2020-10247 affects MISP 2.4.122, where a Persistent XSS exists in the sighting popover tool (file app/View/Elements/Events/View/sighting_field.ctp). Impact: can store/trigger XSS in user-visible popovers. Root cause: persistent cross-site scripting in the sighting_field.ctp com...
CVE-2020-8894
CVE-2020-8894 concerns MISP before 2.4.121, where ACLs for discussion threads were mishandled in the code paths of ThreadsController.php and Thread.php. The vulnerability arises from improper access control logic, enabling potential permission misconfigurations or exposure of thread discussions d...
CVE-2024-29859
CVE-2024-29859 affects MISP prior to 2.4.187. The issue is in add_misp_export (app/Controller/EventsController.php) where there is an insufficient check for a valid file upload, constituting the root cause. Documented impact indicates potential exposure related to file uploads, with high-severity...
CVE-2024-46918
CVE-2024-46918 affects MISP prior to 2.4.198. The issue is in app/Controller/UserLoginProfilesController.php where an org admin can view sensitive login fields of another org admin within the same org. Root cause: inadequate access controls on login profile data. Impact: high confidentiality and ...
CVE-2020-8890
CVE-2020-8890 affects MISP before 2.4.121. The root cause is mishandling of time skew between the web server and database when attempting to block a brute-force sequence of invalid requests. This misalignment can undermine the intended rate-limiting or blocking logic. The connected records consis...
CVE-2021-3184
MISP 2.4.136 is affected by a Cross-Site Scripting (XSS) vulnerability that arises from a crafted URL targeting the app/View/Elements/global_menu.ctp on the user homepage favourites button. The issue is documented across multiple sources and is confirmed by connected records describing a vulnerab...
CVE-2021-41326
CVE-2021-41326 affects MISP prior to 2.4.148, where the code path app/Lib/Export/OpendataExport.php mishandles input used in a shell_exec call, enabling command-injection-like behavior. The Red Hat/NVD/CVE records describe the vulnerability consistently, with high to critical impact in CVSS metri...
CVE-2022-29534
CVE-2022-29534 (MISP) : Affects MISP builds before 2.4.158. In UsersController.php, password confirmation can be bypassed via vectors involving the Accept: application/json header, enabling a partial integrity impact without proper authentication. The CVSS3.1 score is 7.5 (HIGH), with network att...
CVE-2020-10246
CVE-2020-10246 affects MISP 2.4.122 with a reflected XSS vulnerability in URL parameters, specifically in app/View/Users/statistics_orgs.ctp. Root cause: unsanitized URL parameters leading to reflected XSS. Existence of concrete details in connected sources confirms the affected component and fil...
CVE-2023-37306
CVE-2023-37306 pertains to MISP 2.4.172, where server sync mishandles certificate file extensions, causing information disclosure through error messages. The affected component is MISP 2.4.172; root cause is improper handling of certificate extensions during server synchronization. Impact is info...
CVE-2023-28607
CVE-2023-28607 affects the MISP project. The issue is a cross-site scripting (XSS) vulnerability in the JavaScript file js/event-graph.js (in MISP) that is exploitable via the event-graph relationship tooltip. Affected versions are MISP prior to 2.4.169; upgrading to 2.4.169 or later is recommend...
CVE-2024-58128
CVE-2024-58128 (MISP) affects MISP prior to 2.4.193. The issue allows attackers with admin privileges to perform cross-site scripting (XSS) through the menu_custom_right_link parameter set via the UI (no CLI). The root cause is an insufficiency in input validation/handling of that parameter, enab...
CVE-2021-25324
CVE-2021-25324 affects MISP 2.4.136 with a Stored XSS flaw in the galaxy cluster view (app/View/GalaxyClusters/view.ctp). Root cause details are not fully disclosed in the provided documents, but the vulnerability is described by multiple sources as a cross-site scripting issue that could impact ...
CVE-2021-25325
CVE-2021-25325 affects MISP 2.4.136. It enables cross-site scripting via galaxy cluster element values sent to app/View/GalaxyElements/ajax/index.ctp, where reference types may include javascript: URLs. The issue arises from unsanitized input in galaxy elements, enabling an attacker to execute sc...
CVE-2022-27246
CVE-2022-27246 : The connected records confirm an issue in MISP prior to 2.4.156 where an SVG organization logo is not forbidden by default. This may allow embedded JavaScript in the SVG to execute, as described in the initial entry. The documents do not provide explicit impact details beyond the...
CVE-2017-13671
CVE-2017-13671 affects the MISP application prior to version 2.4.79, in the file app/View/Helper/CommandHelper.php . The vulnerability is a persistent cross-site scripting (XSS) flaw via the comments field. The impact is limited to users on the same instance because the comment field is not inclu...
CVE-2024-25674
CVE-2024-25674 affects MISP before 2.4.184. The issue is insecure organisation logo upload due to missing checks for file extension and MIME type, enabling potential abuse. CVSSv3.1 base score 9.8 (CRITICAL) with attack vector NETWORK, no auth, high impact to confidentiality, integrity, and avail...
CVE-2021-37534
The CVE-2021-37534 entry concerns MISP 2.4.146 where a Stored XSS flaw exists in app/View/GalaxyClusters/add.ctp when forking a galaxy cluster. Affected component is the Galaxy Clusters feature; the root cause is an XSS condition that can allow injected script to run in a victim's browser. Impact...
CVE-2024-58130
The CVE-2024-58130 affects MISP prior to 2.4.193 in RestResponseComponent.php where non-JSON REST responses are not sanitized. This could allow processing of non-JSON outputs through REST endpoints. Remediation: upgrade to MISP 2.4.193 (or later).
CVE-2022-48328
CVE-2022-48328 affects MISP prior to 2.4.167, where the file app/Controller/Component/IndexFilterComponent.php mishandles ordered_url_params and additional_delimiters. The consolidated sources (NVD, Red Hat, OSV, etc.) identify this as a vulnerability with a critical CVSS v3.1 base score of 9.8 (...
CVE-2018-8948
CVE-2018-8948 affects MISP prior to 2.4.89, with multiple XSS flaws in app/View/Events/resolved_attributes.ctp due to a malicious MISP module. Impact is cross-site scripting; the documents do not specify exploit details or a remediation patch/version.
CVE-2022-48329
CVE-2022-48329 affects MISP before 2.4.166, where the order parameter can be used insecurely. The vulnerability relates to specific PHP components: app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php, and app/Plugin/Assets/models/behaviors/LogableBehavior.php. It has a CV...
CVE-2023-24026
CVE-2023-24026 affects MISP 2.4.167, specifically the file app/webroot/js/event-graph.js where an event-graph preview payload enables a Cross-Site Scripting (XSS) vulnerability. The root cause is an XSS in the event-graph preview flow, with the vulnerability described across multiple feeds (NVD, ...
CVE-2023-28606
The CVE-2023-28606 issue affects MISP and stems from the js/event-graph.js component, where tooltips in the event-graph node UI can be exploited to perform XSS. Affected versions are MISP before 2.4.169; remediation is to upgrade to version 2.4.169 or later. The connected sources confirm the vuln...