Misp-project / Misp

121 matches found

added 2023/01/20 12:0 a.m., 134 views

CVE-2023-24028

CVE-2023-24028 affects MISP 2.4.167 where the decaying import function in app/Controller/Component/ACLComponent.php has incorrect access control. The CVSS 3.1 base score is 9.8 (CRITICAL) with network attack vector, no privileges, and no user interaction; impact to confidentiality, integrity, and...

CVSS 9.8, AI score 9.4, EPSS 0.00702

added 2023/08/10 12:0 a.m., 115 views

CVE-2023-40224

CVE-2023-40224 affects MISP version 2.4.174, with a cross-site scripting vulnerability in app/View/Events/index.ctp. The available connected sources consistently describe an XSS issue due to insufficient input filtering/escaping, enabling arbitrary script execution via crafted payloads in the aff...

CVSS 6.1, AI score 5.9, EPSS 0.00372

added 2020/05/18 9:11 p.m., 95 views

CVE-2020-13153

Summary: CVE-2020-13153 affects MISP prior to 2.4.126, with a cross-site scripting (XSS) vulnerability in the file app/View/Events/resolved_attributes.ctp used to render the resolved attributes view. Affected software/component: MISP (the resolved attributes view) before version 2.4.126. Root cau...

CVSS 6.1, AI score 5.9, EPSS 0.00835

added 2022/04/20 12:0 a.m., 88 views

CVE-2022-29532

CVE-2022-29532 affects MISP prior to 2.4.158. There is a cross-site scripting vulnerability in the cerebrate view: if one administrator enters a javascript: URL in the URL field and another administrator clicks it, malicious JavaScript can be executed. The issue is reported across multiple source...

CVSS 4.8, AI score 4.8, EPSS 0.00798

added 2022/03/18 5:15 p.m., 87 views

CVE-2022-27243

CVE-2022-27243 affects MISP versions before 2.4.156. The vulnerability is a Local File Inclusion in the view template app/View/Users/terms.ctp triggered via the custom terms file setting. This could allow an attacker to read local files through the terms functionality. The issue is fixed in 2.4.1...

CVSS 7.8, AI score 7.5, EPSS 0.0116

added 2021/06/25 8:49 p.m., 86 views

CVE-2021-35502

CVE-2021-35502 affects MISP 2.4.144 where the file app/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp does not sanitize data related to generic-template:index. The issue is a data-sanitization flaw in a view component; NVD/NCSC/Red Hat records list this as a high-severity vulne...

CVSS 9.8, AI score 9.3, EPSS 0.01087

added 2022/03/18 5:14 p.m., 84 views

CVE-2022-27244

The CVE-2022-27244 issue affects MISP prior to 2.4.156. The vulnerability is a stored XSS in the custom authentication name, exploitable when an administrator modifies a user. Multiple connected sources (Red Hat, CNVD, OSV, CVE lists) corroborate that an attacker with site-admin privileges ...

CVSS 4.8, AI score 4.7, EPSS 0.00458

added 2020/12/05 11:2 p.m., 81 views

CVE-2020-29572

CVE-2020-29572 affects MISP 2.4.135, with a cross-site scripting vulnerability in the file app/View/Elements/genericElements/SingleViews/Fields/genericField.ctp via the authkey comment field. The root cause is unsanitized input leading to XSS in the template rendering, enabling arbitrary script e...

CVSS 6.1, AI score 5.9, EPSS 0.00765

added 2022/03/18 5:14 p.m., 81 views

CVE-2022-27245

CVE-2022-27245 affects MISP up to version 2.4.156. The issue is that app/Model/Server.php does not restrict generateServerSettings to the CLI, enabling potential SSRF from an attacker's input. Documented impact: SSRF with network scope and partial confidentiality/integrity/availability implicatio...

CVSS 8.8, AI score 8.5, EPSS 0.00853

added 2021/07/30 12:0 a.m., 80 views

CVE-2021-37742

Summary: CVE-2021-37742 affects MISP 2.4.147 with a Stored XSS in the view file app/View/Elements/GalaxyClusters/view_relation_tree.ctp when viewing galaxy cluster relationships. The issue originates from that view template; exploitation could occur in the user’s browser when rendering the affect...

CVSS 5.4, AI score 5.1, EPSS 0.00587

added 2020/02/11 12:0 a.m., 79 views

CVE-2020-8893

CVE-2020-8893 affects MISP prior to 2.4.121. The issue is in the Galaxy view (file: app/View/Galaxies/view.ctp) where a search string was not properly sanitized, enabling improper handling of input. Impact is described in the sources as a vulnerability in the Galaxy search functionality; explicit...

CVSS 7.5, AI score 7.5, EPSS 0.02061

added 2024/03/21 12:0 a.m., 79 views

CVE-2024-29858

CVE-2024-29858 affects MISP prior to 2.4.187. The issue is in the uploadLogo function (app/Controller/OrganisationsController.php) which does not properly validate uploaded logos, i.e., it does not correctly check for a valid logo file. This could lead to unsafe logo uploads. Remediation: upgrade...

CVSS 9.8, AI score 6.8, EPSS 0.00381

added 2021/01/19 3:30 p.m., 78 views

CVE-2021-25323

The CVE-2021-25323 issue concerns MISP version 2.4.136 where the default configuration did not require the current password (require_password_confirmation) when changing a password. Root cause: the default setting omits verification of the existing password during password changes. Impact: elevat...

CVSS 9.1, AI score 9.2, EPSS 0.01312

added 2022/04/20 12:0 a.m., 78 views

CVE-2022-29531

CVE-2022-29531 affects MISP before 2.4.158, with a stored XSS in the event graph via a tag name. Root cause: tag names lack data validation/filters, enabling injected JavaScript on the client side. Impact per sources: possible client-side script execution; affected versions are prior to 2.4.158. ...

CVSS 5.4, AI score 5.1, EPSS 0.00786

added 2021/01/20 8:20 p.m., 77 views

CVE-2020-24085

CVE-2020-24085 affects MISP v2.4.128 in app/Controller/UserSettingsController.php SetHomePage(); lack of validation in the path parameter enables cross-site scripting (XSS) by injecting JavaScript. Reported as an XSS with CVSSv2 base 4.3 (MEDIUM) and CVSSv3.1 base 6.1 (MEDIUM). Connected sources ...

CVSS 6.1, AI score 5.9, EPSS 0.00826

added 2019/06/11 4:38 p.m., 76 views

CVE-2019-12794

The CVE concerns MISP 2.4.108 where organization admins can reset credentials for site admins, enabling credential abuse when host organizations create lower-privilege admins. An org admin could manually set a site admin password or use the site admin’s API key to impersonate them, with abuse res...

CVSS 6.6, AI score 6.5, EPSS 0.00926

added 2020/02/11 11:41 p.m., 76 views

CVE-2020-8892

CVE-2020-8892 affects MISP prior to 2.4.121. The root cause is that the HTTP PUT method was not considered when blocking a brute-force series of invalid requests. CVSS scores indicate a high impact (3.1: 8.1) with network attack vector; substantial confidentiality, integrity, and availability imp...

CVSS 8.1, AI score 7.9, EPSS 0.01722

added 2022/04/20 12:0 a.m., 76 views

CVE-2022-29530

CVE-2022-29530 – MISP stored XSS in galaxy clusters affects MISP versions prior to 2.4.158. The vulnerability arises from a lack of data validation/filtering of user-supplied data and its output in galaxy clusters, allowing an attacker to execute JavaScript in a victim’s browser (stored XSS). Pub...

CVSS 5.4, AI score 5.1, EPSS 0.00786

added 2024/02/09 12:0 a.m., 76 views

CVE-2024-25675

CVE-2024-25675 affects MISP prior to 2.4.184. The issue allows a client to start an export generation process without using POST, related to files app/Controller/JobsController.php and app/View/Events/export.ctp. According to connected sources, this could enable unintended initiation of export ta...

CVSS 9.8, AI score 9.3, EPSS 0.00817

added 2021/03/02 6:58 a.m., 75 views

CVE-2021-27904

The CVE-2021-27904 issue affects MISP 2.4.139, specifically in app/Model/SharingGroupServer.php within the Sharing Groups implementation. The root cause is that the implementation of the "all org" flag can grant view access to unintended actors, exposing sensitive information to unauthorized part...

CVSS 5.5, AI score 5.4, EPSS 0.00259

added 2021/07/30 2:9 a.m., 75 views

CVE-2021-37743

CVE-2021-37743 affects MISP 2.4.147. The vulnerability is a Stored XSS in the view path app/View/GalaxyElements/ajax/index.ctp when rendering galaxy cluster elements in JSON format. The underlying issue is that user-supplied data is reflected in JSON output without proper sanitization, enabling s...

CVSS 5.4, AI score 5.1, EPSS 0.00672

added 2020/02/11 11:41 p.m., 74 views

CVE-2020-8891

The CVE-2020-8891 entry concerns MISP prior to 2.4.121 where brute-force blocking failed to canonicalize usernames. This is a software-level input normalization flaw in the authentication/brute-force protection path that could enable bypass of rate-limiting or account blocking under certain inval...

CVSS 5.9, AI score 5.6, EPSS 0.01419

added 2022/04/20 12:0 a.m., 74 views

CVE-2022-29533

CVE-2022-29533 affects MISP before 2.4.158 and is due to a cross-site scripting (XSS) flaw in the file app/Controller/OrganisationsController.php when handling a “weird single checkbox page.” Concrete details across connected sources confirm the vulnerable component and the impact is XSS; exploit...

CVSS 6.1, AI score 5.9, EPSS 0.00776

added 2022/04/20 12:0 a.m., 73 views

CVE-2022-29529

CVE-2022-29529 affects the MISP project prior to 2.4.158, with a stored XSS in the LinOTP login field. Root cause: insufficient input validation and output of user-supplied data in that field. Impact: potential execution of JavaScript in affected users’ browsers. Remediation: upgrade to MISP 2.4....

CVSS 5.4, AI score 5.1, EPSS 0.00786

added 2018/12/06 4:0 p.m., 72 views

CVE-2018-19908

Affected software: MISP 2.4.9x (pre-2.4.99). In the STIX 1 import path, the code in app/Model/Event.php uses an unescaped filename string to build a shell command. This enables an authenticated attacker to modify the STIX import filename to inject and execute arbitrary commands. Exploitation deta...

CVSS 9, AI score 8.8, EPSS 0.1716

added 2022/04/20 12:0 a.m., 71 views

CVE-2022-29528

Occurrences across multiple sources confirm CVE-2022-29528: MISP before 2.4.158 is affected by PHAR deserialization. The root cause is PHAR deserialization in MISP; impact and exploit details are not explicitly described in the provided documents beyond the vulnerability description. Affected ver...

CVSS 9.8, AI score 9.4, EPSS 0.02077

added 2020/03/09 6:31 p.m., 70 views

CVE-2020-10247

Vulnerability: CVE-2020-10247 affects MISP 2.4.122, where a Persistent XSS exists in the sighting popover tool (file app/View/Elements/Events/View/sighting_field.ctp). Impact: can store/trigger XSS in user-visible popovers. Root cause: persistent cross-site scripting in the sighting_field.ctp com...

CVSS 6.1, AI score 5.9, EPSS 0.00835

added 2020/02/11 12:0 a.m., 70 views

CVE-2020-8894

CVE-2020-8894 concerns MISP before 2.4.121, where ACLs for discussion threads were mishandled in the code paths of ThreadsController.php and Thread.php. The vulnerability arises from improper access control logic, enabling potential permission misconfigurations or exposure of thread discussions d...

CVSS 6.5, AI score 6.5, EPSS 0.01387

added 2024/03/21 12:0 a.m., 70 views

CVE-2024-29859

CVE-2024-29859 affects MISP prior to 2.4.187. The issue is in add_misp_export (app/Controller/EventsController.php) where there is an insufficient check for a valid file upload, constituting the root cause. Documented impact indicates potential exposure related to file uploads, with high-severity...

CVSS 9.8, AI score 6.8, EPSS 0.00816

added 2024/09/15 12:0 a.m., 68 views

CVE-2024-46918

CVE-2024-46918 affects MISP prior to 2.4.198. The issue is in app/Controller/UserLoginProfilesController.php where an org admin can view sensitive login fields of another org admin within the same org. Root cause: inadequate access controls on login profile data. Impact: high confidentiality and ...

CVSS 9.8, AI score 7, EPSS 0.00436

added 2020/02/11 11:41 p.m., 66 views

CVE-2020-8890

CVE-2020-8890 affects MISP before 2.4.121. The root cause is mishandling of time skew between the web server and database when attempting to block a brute-force sequence of invalid requests. This misalignment can undermine the intended rate-limiting or blocking logic. The connected records consis...

CVSS 5.9, AI score 5.6, EPSS 0.01089

added 2021/01/19 4:1 p.m., 65 views

CVE-2021-3184

MISP 2.4.136 is affected by a Cross-Site Scripting (XSS) vulnerability that arises from a crafted URL targeting the app/View/Elements/global_menu.ctp on the user homepage favourites button. The issue is documented across multiple sources and is confirmed by connected records describing a vulnerab...

CVSS 6.1, AI score 5.8, EPSS 0.00765

added 2021/09/17 12:0 a.m., 65 views

CVE-2021-41326

CVE-2021-41326 affects MISP prior to 2.4.148, where the code path app/Lib/Export/OpendataExport.php mishandles input used in a shell_exec call, enabling command-injection-like behavior. The Red Hat/NVD/CVE records describe the vulnerability consistently, with high to critical impact in CVSS metri...

CVSS 9.8, AI score 9.4, EPSS 0.01985

added 2022/04/20 12:0 a.m., 64 views

CVE-2022-29534

CVE-2022-29534 (MISP): Affects MISP builds before 2.4.158. In UsersController.php, password confirmation can be bypassed via vectors involving the Accept: application/json header, enabling a partial integrity impact without proper authentication. The CVSS3.1 score is 7.5 (HIGH), with network att...

CVSS 7.5, AI score 7.4, EPSS 0.01521

added 2020/03/09 6:32 p.m., 62 views

CVE-2020-10246

CVE-2020-10246 affects MISP 2.4.122 with a reflected XSS vulnerability in URL parameters, specifically in app/View/Users/statistics_orgs.ctp. Root cause: unsanitized URL parameters leading to reflected XSS. Existence of concrete details in connected sources confirms the affected component and fil...

CVSS 6.1, AI score 5.9, EPSS 0.00835

added 2023/06/30 12:0 a.m., 60 views

CVE-2023-37306

CVE-2023-37306 pertains to MISP 2.4.172, where server sync mishandles certificate file extensions, causing information disclosure through error messages. The affected component is MISP 2.4.172; root cause is improper handling of certificate extensions during server synchronization. Impact is info...

CVSS 7.5, AI score 7.3, EPSS 0.00531

added 2023/03/18 12:0 a.m., 59 views

CVE-2023-28607

CVE-2023-28607 affects the MISP project. The issue is a cross-site scripting (XSS) vulnerability in the JavaScript file js/event-graph.js (in MISP) that is exploitable via the event-graph relationship tooltip. Affected versions are MISP prior to 2.4.169; upgrading to 2.4.169 or later is recommend...

CVSS 6.1, AI score 5.9, EPSS 0.00382

added 2025/03/28 12:0 a.m., 59 views

CVE-2024-58128

CVE-2024-58128 (MISP) affects MISP prior to 2.4.193. The issue allows attackers with admin privileges to perform cross-site scripting (XSS) through the menu_custom_right_link parameter set via the UI (no CLI). The root cause is an insufficiency in input validation/handling of that parameter, enab...

CVSS 5.5, AI score 6.2, EPSS 0.00208

added 2021/01/19 3:30 p.m., 58 views

CVE-2021-25324

CVE-2021-25324 affects MISP 2.4.136 with a Stored XSS flaw in the galaxy cluster view (app/View/GalaxyClusters/view.ctp). Root cause details are not fully disclosed in the provided documents, but the vulnerability is described by multiple sources as a cross-site scripting issue that could impact ...

CVSS 6.1, AI score 5.8, EPSS 0.00795

added 2021/01/19 3:29 p.m., 58 views

CVE-2021-25325

CVE-2021-25325 affects MISP 2.4.136. It enables cross-site scripting via galaxy cluster element values sent to app/View/GalaxyElements/ajax/index.ctp, where reference types may include javascript: URLs. The issue arises from unsanitized input in galaxy elements, enabling an attacker to execute sc...

CVSS 6.1, AI score 5.9, EPSS 0.00791

added 2022/03/18 5:13 p.m., 57 views

CVE-2022-27246

CVE-2022-27246: The connected records confirm an issue in MISP prior to 2.4.156 where an SVG organization logo is not forbidden by default. This may allow embedded JavaScript in the SVG to execute, as described in the initial entry. The documents do not provide explicit impact details beyond the...

CVSS 6.1, AI score 6.2, EPSS 0.00573

added 2017/08/24 7:0 p.m., 56 views

CVE-2017-13671

CVE-2017-13671 affects the MISP application prior to version 2.4.79, in the file app/View/Helper/CommandHelper.php. The vulnerability is a persistent cross-site scripting (XSS) flaw via the comments field. The impact is limited to users on the same instance because the comment field is not inclu...

CVSS 6.1, AI score 5.9, EPSS 0.00967

added 2024/02/09 12:0 a.m., 56 views

CVE-2024-25674

CVE-2024-25674 affects MISP before 2.4.184. The issue is insecure organisation logo upload due to missing checks for file extension and MIME type, enabling potential abuse. CVSSv3.1 base score 9.8 (CRITICAL) with attack vector NETWORK, no auth, high impact to confidentiality, integrity, and avail...

CVSS 9.8, AI score 9.4, EPSS 0.00769

added 2021/07/26 1:16 p.m., 55 views

CVE-2021-37534

The CVE-2021-37534 entry concerns MISP 2.4.146 where a Stored XSS flaw exists in app/View/GalaxyClusters/add.ctp when forking a galaxy cluster. Affected component is the Galaxy Clusters feature; the root cause is an XSS condition that can allow injected script to run in a victim's browser. Impact...

CVSS 5.4, AI score 5.1, EPSS 0.00504

added 2025/03/28 12:0 a.m., 55 views

CVE-2024-58130

CVE-2024-58130 affects MISP prior to 2.4.193 in RestResponseComponent.php where non-JSON REST responses are not sanitized. This could allow processing of non-JSON outputs through REST endpoints. Remediation: upgrade to MISP 2.4.193 (or later).

CVSS 7.2, AI score 7.2, EPSS 0.00217

added 2023/02/20 12:0 a.m., 54 views

CVE-2022-48328

CVE-2022-48328 affects MISP prior to 2.4.167, where the file app/Controller/Component/IndexFilterComponent.php mishandles ordered_url_params and additional_delimiters. The consolidated sources (NVD, Red Hat, OSV, etc.) identify this as a vulnerability with a critical CVSS v3.1 base score of 9.8 (...

CVSS 9.8, AI score 9.3, EPSS 0.01298

added 2018/03/23 5:0 p.m., 53 views

CVE-2018-8948

CVE-2018-8948 affects MISP prior to 2.4.89, with multiple XSS flaws in app/View/Events/resolved_attributes.ctp due to a malicious MISP module. Impact is cross-site scripting; the documents do not specify exploit details or a remediation patch/version.

CVSS 6.1, AI score 6, EPSS 0.00809

added 2023/02/20 12:0 a.m., 53 views

CVE-2022-48329

CVE-2022-48329 affects MISP before 2.4.166, where the order parameter can be used insecurely. The vulnerability relates to specific PHP components: app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php, and app/Plugin/Assets/models/behaviors/LogableBehavior.php. It has a CV...

CVSS 9.8, AI score 9.2, EPSS 0.00929

added 2023/01/20 12:0 a.m., 53 views

CVE-2023-24026

CVE-2023-24026 affects MISP 2.4.167, specifically the file app/webroot/js/event-graph.js where an event-graph preview payload enables a Cross-Site Scripting (XSS) vulnerability. The root cause is an XSS in the event-graph preview flow, with the vulnerability described across multiple feeds (NVD, ...

CVSS 6.1, AI score 6, EPSS 0.00395

added 2023/03/18 12:0 a.m., 53 views

CVE-2023-28606

The CVE-2023-28606 issue affects MISP and stems from the js/event-graph.js component, where tooltips in the event-graph node UI can be exploited to perform XSS. Affected versions are MISP before 2.4.169; remediation is to upgrade to version 2.4.169 or later. The connected sources confirm the vuln...

CVSS 6.1, AI score 5.9, EPSS 0.00382

Total number of security vulnerabilities: 121