Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
misp vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-29530
An issue exists in MISP prior to 2.4.158. There is stored XSS in the galaxy clusters.
Misp Misp
3.5
CVSSv2
CVE-2022-29532
An issue exists in MISP prior to 2.4.158. There is XSS in the cerebrate view if one administrator puts a javascript: URL in the URL field, and another administrator clicks on it.
Misp Misp
4.3
CVSSv2
CVE-2022-29533
An issue exists in MISP prior to 2.4.158. There is XSS in app/Controller/OrganisationsController.php in a situation with a "weird single checkbox page."
Misp Misp
4
CVSSv2
CVE-2019-16202
MISP prior to 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115, escalation attempts are blocked by the __checkLoggedActions function with a "This could be an indication of an attempted privilege escalation on older vulnerable versions of M...
Misp Misp
4.3
CVSSv2
CVE-2019-10254
In MISP prior to 2.4.105, the app/View/Layouts/default.ctp default layout template has a Reflected XSS vulnerability.
Misp Misp
7.5
CVSSv2
CVE-2021-41326
In MISP prior to 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call.
Misp Misp
1 Github repository
7.5
CVSSv2
CVE-2022-29528
An issue exists in MISP prior to 2.4.158. PHAR deserialization can occur.
Misp Misp
3.5
CVSSv2
CVE-2022-29529
An issue exists in MISP prior to 2.4.158. There is stored XSS via the LinOTP login field.
Misp Misp
3.5
CVSSv2
CVE-2022-29531
An issue exists in MISP prior to 2.4.158. There is stored XSS in the event graph via a tag name.
Misp Misp
5
CVSSv2
CVE-2022-29534
An issue exists in MISP prior to 2.4.158. In UsersController.php, password confirmation can be bypassed via vectors involving an "Accept: application/json" header.
Misp Misp
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »