Vulmon
misp vulnerabilities and exploits
3.5
CVSSv2
CVE-2022-29530
An issue exists in MISP prior to 2.4.158. There is stored XSS in the galaxy clusters.
Misp Misp
3.5
CVSSv2
CVE-2022-29531
An issue exists in MISP prior to 2.4.158. There is stored XSS in the event graph via a tag name.
Misp Misp
3.5
CVSSv2
CVE-2022-29532
An issue exists in MISP prior to 2.4.158. There is XSS in the cerebrate view if one administrator puts a javascript: URL in the URL field, and another administrator clicks on it.
Misp Misp
4.3
CVSSv2
CVE-2022-29533
An issue exists in MISP prior to 2.4.158. There is XSS in app/Controller/OrganisationsController.php in a situation with a "weird single checkbox page."
Misp Misp
5
CVSSv2
CVE-2022-29534
An issue exists in MISP prior to 2.4.158. In UsersController.php, password confirmation can be bypassed via vectors involving an "Accept: application/json" header.
Misp Misp
4.3
CVSSv2
CVE-2020-13153
app/View/Events/resolved_attributes.ctp in MISP prior to 2.4.126 has XSS in the resolved attributes view.
Misp Misp
5
CVSSv2
CVE-2020-25766
An issue exists in MISP prior to 2.4.132. It can perform an unwanted action because of a POST operation on a form that is not linked to the login page.
Misp Misp
NA
CVE-2023-49926
app/Lib/Tools/EventTimelineTool.php in MISP prior to 2.4.179 allows XSS in the event timeline widget.
Misp Misp
4.3
CVSSv2
CVE-2020-10246
MISP 2.4.122 has reflected XSS via unsanitized URL parameters. This is related to app/View/Users/statistics_orgs.ctp.
Misp Misp 2.4.122
9
CVSSv2
CVE-2018-6926
In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hat Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently allowed site admins to inject arbitrary OS commands. The im...
Misp Misp 2.4.87