Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
strangebee thehive vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-39069
An issue in StrangeBee TheHive v.5.0.8, v.4.1.21 and Cortex v.3.1.6 allows a remote malicious user to gain privileges via Active Directory authentication mechanism.
Strangebee Thehive
Strangebee Cortex
8.8
CVSSv3
CVE-2017-18376
An improper authorization check in the User API in TheHive prior to 2.13.4 and 3.x prior to 3.3.1 allows users with read-only or read/write access to escalate their privileges to the administrator's privileges. This affects app/controllers/UserCtrl.scala.
Strangebee Thehive
5.4
CVSSv3
CVE-2024-22876
StrangeBee TheHive 5.1.0 to 5.1.9 and 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting (XSS) in the case attachment functionality which enables an malicious user to upload a malicious HTML file with Javascript code that will be executed in the context of the The Hive applicat...
Strangebee Thehive
5.4
CVSSv3
CVE-2024-22877
StrangeBee TheHive 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting (XSS) in the case reporting functionality. This feature allows an malicious user to insert malicious JavaScript code inside the template or its variables, that will be executed in the context of the TheHive a...
Strangebee Thehive
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started