Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
misp vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-13671
app/View/Helper/CommandHelper.php in MISP prior to 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation.
Misp Misp
4
CVSSv2
CVE-2019-16202
MISP prior to 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115, escalation attempts are blocked by the __checkLoggedActions function with a "This could be an indication of an attempted privilege escalation on older vulnerable versions of M...
Misp Misp
7.5
CVSSv2
CVE-2021-41326
In MISP prior to 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call.
Misp Misp
1 Github repository
7.5
CVSSv2
CVE-2022-29528
An issue exists in MISP prior to 2.4.158. PHAR deserialization can occur.
Misp Misp
3.5
CVSSv2
CVE-2022-29530
An issue exists in MISP prior to 2.4.158. There is stored XSS in the galaxy clusters.
Misp Misp
5
CVSSv2
CVE-2022-29534
An issue exists in MISP prior to 2.4.158. In UsersController.php, password confirmation can be bypassed via vectors involving an "Accept: application/json" header.
Misp Misp
5
CVSSv2
CVE-2020-25766
An issue exists in MISP prior to 2.4.132. It can perform an unwanted action because of a POST operation on a form that is not linked to the login page.
Misp Misp
3.5
CVSSv2
CVE-2022-29529
An issue exists in MISP prior to 2.4.158. There is stored XSS via the LinOTP login field.
Misp Misp
3.5
CVSSv2
CVE-2022-29532
An issue exists in MISP prior to 2.4.158. There is XSS in the cerebrate view if one administrator puts a javascript: URL in the URL field, and another administrator clicks on it.
Misp Misp
4.3
CVSSv2
CVE-2022-29533
An issue exists in MISP prior to 2.4.158. There is XSS in app/Controller/OrganisationsController.php in a situation with a "weird single checkbox page."
Misp Misp
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »