73 matches found
CVE-2020-13153
Summary: CVE-2020-13153 affects MISP prior to 2.4.126, with a cross-site scripting (XSS) vulnerability in the file app/View/Events/resolved_attributes.ctp used to render the resolved attributes view. Affected software/component: MISP (the resolved attributes view) before version 2.4.126. Root cau...
CVE-2022-27243
CVE-2022-27243 affects MISP versions before 2.4.156. The vulnerability is a Local File Inclusion in the view template app/View/Users/terms.ctp triggered via the custom terms file setting. This could allow an attacker to read local files through the terms functionality. The issue is fixed in 2.4.1...
CVE-2022-29532
CVE-2022-29532 affects MISP prior to 2.4.158. There is a cross-site scripting vulnerability in the cerebrate view: if one administrator enters a javascript: URL in the URL field and another administrator clicks it, malicious JavaScript can be executed. The issue is reported across multiple source...
CVE-2022-27244
The CVE-2022-27244 issue affects MISP prior to 2.4.156. The vulnerability is a stored XSS in the custom authentication name, exploitable when an administrator modifies a user. Multiple connected sources (Red Hat, CNVD, OSV, CNVD, CVE lists) corroborate that an attacker with site-admin privileges ...
CVE-2020-8893
CVE-2020-8893 affects MISP prior to 2.4.121. The issue is in the Galaxy view (file: app/View/Galaxies/view.ctp) where a search string was not properly sanitized, enabling improper handling of input. Impact is described in the sources as a vulnerability in the Galaxy search functionality; explicit...
CVE-2022-27245
CVE-2022-27245 affects MISP up to version 2.4.156. The issue is that app/Model/Server.php does not restrict generateServerSettings to the CLI, enabling potential SSRF from an attacker's input. Documented impact: SSRF with network scope and partial confidentiality/integrity/availability implicatio...
CVE-2024-25675
CVE-2024-25675 affects MISP prior to 2.4.184. The issue allows a client to start an export generation process without using POST, related to files app/Controller/JobsController.php and app/View/Events/export.ctp. According to connected sources, this could enable unintended initiation of export ta...
CVE-2024-29858
CVE-2024-29858 affects MISP prior to 2.4.187. The issue is in the uploadLogo function (app/Controller/OrganisationsController.php) which does not properly validate uploaded logos, i.e., it does not correctly check for a valid logo file. This could lead to unsafe logo uploads. Remediation: upgrade...
CVE-2022-29531
CVE-2022-29531 affects MISP before 2.4.158, with a stored XSS in the event graph via a tag name. Root cause: tag names lack data validation/filters, enabling injected JavaScript on the client side. Impact per sources: possible client-side script execution; affected versions are prior to 2.4.158. ...
CVE-2020-8892
CVE-2020-8892 affects MISP prior to 2.4.121. The root cause is that the HTTP PUT method was not considered when blocking a brute-force series of invalid requests. CVSS scores indicate a high impact (3.1: 8.1) with network attack vector; substantial confidentiality, integrity, and availability imp...
CVE-2022-29530
CVE-2022-29530 – MISP stored XSS in galaxy clusters affects MISP versions prior to 2.4.158. The vulnerability arises from a lack of data validation/filtering of user-supplied data and its output in galaxy clusters, allowing an attacker to execute JavaScript in a victim’s browser (stored XSS). Pub...
CVE-2022-29533
CVE-2022-29533 affects MISP before 2.4.158 and is due to a cross-site scripting (XSS) flaw in the file app/Controller/OrganisationsController.php when handling a “weird single checkbox page.” Concrete details across connected sources confirm the vulnerable component and the impact is XSS; exploit...
CVE-2020-8891
The CVE-2020-8891 entry concerns MISP prior to 2.4.121 where brute-force blocking failed to canonicalize usernames. This is a software-level input normalization flaw in the authentication/brute-force protection path that could enable bypass of rate-limiting or account blocking under certain inval...
CVE-2022-29529
CVE-2022-29529 affects the MISP project prior to 2.4.158, with a stored XSS in the LinOTP login field. Root cause: insufficient input validation and output of user-supplied data in that field. Impact: potential execution of JavaScript in affected users’ browsers. Remediation: upgrade to MISP 2.4....
CVE-2022-29528
Occurrences across multiple sources confirm CVE-2022-29528: MISP before 2.4.158 is affected by PHAR deserialization. The root cause is PHAR deserialization in MISP; impact and exploit details are not explicitly described in the provided documents beyond the vulnerability description. Affected ver...
CVE-2024-29859
CVE-2024-29859 affects MISP prior to 2.4.187. The issue is in add_misp_export (app/Controller/EventsController.php) where there is an insufficient check for a valid file upload, constituting the root cause. Documented impact indicates potential exposure related to file uploads, with high-severity...
CVE-2020-8894
CVE-2020-8894 concerns MISP before 2.4.121, where ACLs for discussion threads were mishandled in the code paths of ThreadsController.php and Thread.php. The vulnerability arises from improper access control logic, enabling potential permission misconfigurations or exposure of thread discussions d...
CVE-2024-46918
CVE-2024-46918 affects MISP prior to 2.4.198. The issue is in app/Controller/UserLoginProfilesController.php where an org admin can view sensitive login fields of another org admin within the same org. Root cause: inadequate access controls on login profile data. Impact: high confidentiality and ...
CVE-2020-8890
CVE-2020-8890 affects MISP before 2.4.121. The root cause is mishandling of time skew between the web server and database when attempting to block a brute-force sequence of invalid requests. This misalignment can undermine the intended rate-limiting or blocking logic. The connected records consis...
CVE-2021-41326
CVE-2021-41326 affects MISP prior to 2.4.148, where the code path app/Lib/Export/OpendataExport.php mishandles input used in a shell_exec call, enabling command-injection-like behavior. The Red Hat/NVD/CVE records describe the vulnerability consistently, with high to critical impact in CVSS metri...
CVE-2022-29534
CVE-2022-29534 (MISP) : Affects MISP builds before 2.4.158. In UsersController.php, password confirmation can be bypassed via vectors involving the Accept: application/json header, enabling a partial integrity impact without proper authentication. The CVSS3.1 score is 7.5 (HIGH), with network att...
CVE-2023-28607
CVE-2023-28607 affects the MISP project. The issue is a cross-site scripting (XSS) vulnerability in the JavaScript file js/event-graph.js (in MISP) that is exploitable via the event-graph relationship tooltip. Affected versions are MISP prior to 2.4.169; upgrading to 2.4.169 or later is recommend...
CVE-2024-58128
CVE-2024-58128 (MISP) affects MISP prior to 2.4.193. The issue allows attackers with admin privileges to perform cross-site scripting (XSS) through the menu_custom_right_link parameter set via the UI (no CLI). The root cause is an insufficiency in input validation/handling of that parameter, enab...
CVE-2022-27246
CVE-2022-27246 : The connected records confirm an issue in MISP prior to 2.4.156 where an SVG organization logo is not forbidden by default. This may allow embedded JavaScript in the SVG to execute, as described in the initial entry. The documents do not provide explicit impact details beyond the...
CVE-2022-48329
CVE-2022-48329 affects MISP before 2.4.166, where the order parameter can be used insecurely. The vulnerability relates to specific PHP components: app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php, and app/Plugin/Assets/models/behaviors/LogableBehavior.php. It has a CV...
CVE-2024-25674
CVE-2024-25674 affects MISP before 2.4.184. The issue is insecure organisation logo upload due to missing checks for file extension and MIME type, enabling potential abuse. CVSSv3.1 base score 9.8 (CRITICAL) with attack vector NETWORK, no auth, high impact to confidentiality, integrity, and avail...
CVE-2024-58130
The CVE-2024-58130 affects MISP prior to 2.4.193 in RestResponseComponent.php where non-JSON REST responses are not sanitized. This could allow processing of non-JSON outputs through REST endpoints. Remediation: upgrade to MISP 2.4.193 (or later).
CVE-2022-48328
CVE-2022-48328 affects MISP prior to 2.4.167, where the file app/Controller/Component/IndexFilterComponent.php mishandles ordered_url_params and additional_delimiters. The consolidated sources (NVD, Red Hat, OSV, etc.) identify this as a vulnerability with a critical CVSS v3.1 base score of 9.8 (...
CVE-2023-28606
The CVE-2023-28606 issue affects MISP and stems from the js/event-graph.js component, where tooltips in the event-graph node UI can be exploited to perform XSS. Affected versions are MISP before 2.4.169; remediation is to upgrade to version 2.4.169 or later. The connected sources confirm the vuln...
CVE-2018-8948
CVE-2018-8948 affects MISP prior to 2.4.89, with multiple XSS flaws in app/View/Events/resolved_attributes.ctp due to a malicious MISP module. Impact is cross-site scripting; the documents do not specify exploit details or a remediation patch/version.
CVE-2024-45509
In MISP up to 2.4.196, there is an access control vulnerability in app/Controller/BookmarksController.php that allows non-org-admin users to access bookmarks data. Root cause: insufficient restriction for non-admin users in the BookmarksController. Impact: exposure of bookmarks data with confiden...
CVE-2024-57969
CVE-2024-57969 affects MISP prior to 2.4.198. The root cause is that app/Model/Attribute.php ignores an ACL during a GUI attribute search, which can bypass access controls when listing attributes. Impact details in the sources indicate low confidentiality impact and no data integrity/availability...
CVE-2022-42724
CVE-2022-42724 affects MISP up to version 2.4.164. A flaw in app/Controller/UsersController.php allows an attacker to disclose role names that should be admin‑only, resulting in information disclosure. Affected software: MISP prior to 2.4.164. Root cause: improper protection of sensitive role inf...
CVE-2022-47928
Summary: CVE-2022-47928 is a cross-site scripting (XSS) vulnerability in MISP prior to 2.4.167, caused by an XSS flaw in the template file uploads feature (app/View/Templates/upload_file.ctp). The issue is documented across multiple sources (NVD, Red Hat, OSV, etc.) and is specifically tied to th...
CVE-2024-58129
CVE-2024-58129 affects MISP prior to version 2.4.193. The issue allows attackers with admin privileges to set menu_custom_right_link_html through the UI (not the CLI), enabling cross-site scripting on every page. The risk description in the connected documents confirms XSS across pages due to thi...
CVE-2021-36212
CVE-2021-36212 affects MISP prior to version 2.4.146, with stored XSS in the file path app/View/SharingGroups/view.ctp affecting the sharing groups view. The NVD/CVE data show a CVSSv3.1 base score of 6.1 (NETWORK, LOW attack complexity, UI REQUIRED, CHANGED scope; Impact: LOW confidentiality/int...
CVE-2023-48659
CVE-2023-48659 affects MISP prior to 2.4.176. The issue resides in app/Controller/AppController.php where parameter parsing is mishandled, enabling a high-impact vulnerability per CVSS 3.1 (CRITICAL, 9.8; NETWORK, no user interaction). The connected sources confirm the vulnerable component and it...
CVE-2019-16202
MISP pre-2.4.115 permits privilege escalation in certain scenarios. After upgrading to 2.4.115, attempts are blocked by the __checkLoggedActions function with a message indicating potential privilege escalation in older vulnerable versions. Connected sources confirm the affected product/version a...
CVE-2020-11458
CVE-2020-11458 affects MISP versions prior to 2.4.124, where app/Model/feed.php allows administrators to select arbitrary files to ingest. This does not expose full file contents but can leak strings matching patterns, including passwords from database.php or GPG passphrases from config.php. Rele...
CVE-2019-10254
CVE-2019-10254 (MISP) : A Reflected XSS vulnerability exists in the default layout template (app/View/Layouts/default.ctp) of MISP prior to version 2.4.105. The issue arises in the default.ctp template and enables injection of arbitrary web script/HTML. Public references in the CVE describe the a...
CVE-2019-11813
CVE-2019-11813 applies to MISP before 2.4.107, affecting the view component app/View/Elements/Events/View/value_field.ctp. The issue is a persistent XSS via link type attributes using javascript:// links, enabling potentially scripted payloads in affected installations. Root cause is improper han...
CVE-2023-37307
CVE-2023-37307 affects MISP before 2.4.172. The issue is improper sanitization of the title_for_layout field in Correlations, CorrelationExclusions, and Layouts, enabling (authenticated) stored cross-site scripting as demonstrated by public advisories and exploits. The NVD/OSV/Red Hat/CNNVD refer...
CVE-2023-48657
CVE-2023-48657 affects MISP before 2.4.176. The vulnerability stems from mishandling of filters in app/Model/AppModel.php, as described across multiple feeds (NVD/Red Hat/OSV/etc.). Impact is high: the CVSS 3.1 base score is 9.8 (HIGH/CRITICAL) with NETWORK attack vector, NO user interaction, and...
CVE-2018-8949
CVE-2018-8949 involves MISP before 2.4.89, where a flaw in app/Model/Attribute.php creates an API integrity risk that could let a user delete attributes of other events. A crafted event edit (no attribute UUIDs but with attribute IDs set) could overwrite an existing attribute, potentially impacti...
CVE-2019-11812
CVE-2019-11812 is a persistent XSS in MISP prior to 2.4.107. The vulnerability is in the PHP component app/View/Helper/CommandHelper.php, where JavaScript can be injected via the discussion interface and triggered by clicking a link. Affected product/version: MISP (before 2.4.107). Root cause is ...
CVE-2020-25766
CVE-2020-25766 affects MISP prior to 2.4.132. Root cause: a POST operation on a form not linked to the login page can trigger an unwanted action. Affects versions before 2.4.132; documented impact includes possible unauthorized action with low attack complexity (network vector) and no authenticat...
CVE-2023-48655
CVE-2023-48655 affects MISP versions prior to 2.4.176. The issue is in app/Controller/Component/IndexFilterComponent.php, which does not properly filter out query parameters, enabling improper handling of input. This vulnerability is documented across multiple sources (Red Hat, NVD, OSV, CVE list...
CVE-2019-11814
The CVE-2019-11814 entry concerns MISP prior to version 2.4.107. Affected: the web UI script at app/webroot/js/misp.js. Description: persistent XSS via image names in titles, demonstrated by a screenshot. Impact as stated centers on XSS exposure in title fields. Exploitation details are not provi...
CVE-2020-15711
Affected software: MISP (Malware Information Sharing Platform) prior to version 2.4.129. Vulnerability: Cross‑Site Request Forgery (CSRF) in the web application that fails to verify requests originate from trusted users when setting a favourite homepage. Root cause: Inadequate CSRF protection in ...
CVE-2026-10611
CVE-2026-10611 describes an authentication bypass in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deployments with LdapAuth.mixedAuth=true and Security.require_otp=true, users authenticated via an authentication plugin (e.g., LDAP) may have their session established dur...