Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
misp vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-10246
MISP 2.4.122 has reflected XSS via unsanitized URL parameters. This is related to app/View/Users/statistics_orgs.ctp.
Misp Misp 2.4.122
383
VMScore
CVE-2020-10247
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sighting_field.ctp.
Misp Misp 2.4.122
NA
CVE-2023-24026
In MISP 2.4.167, app/webroot/js/event-graph.js has an XSS vulnerability via an event-graph preview payload.
Misp-project Misp 2.4.167
NA
CVE-2023-24028
In MISP 2.4.167, app/Controller/Component/ACLComponent.php has incorrect access control for the decaying import function.
Misp-project Misp 2.4.167
668
VMScore
CVE-2020-12889
MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across users in a remote-transform use case.
Misp Misp-maltego 1.4.4
312
VMScore
CVE-2017-16802
In the sharingGroupPopulateOrganisations function in app/webroot/js/misp.js in MISP 2.4.82, there is XSS via a crafted organisation name that is manually added.
Misp-project Misp 2.4.82
383
VMScore
CVE-2018-11245
app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex type attributes.
Misp-project Misp 2.4.91
NA
CVE-2023-24070
app/View/AuthKeys/authkey_display.ctp in MISP up to and including 2.4.167 has an XSS in authkey add via a Referer field.
Misp-project Malware Information Sharing Platform
NA
CVE-2023-48655
An issue exists in MISP prior to 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters.
Misp-project Malware Information Sharing Platform
NA
CVE-2023-48656
An issue exists in MISP prior to 2.4.176. app/Model/AppModel.php mishandles order clauses.
Misp-project Malware Information Sharing Platform
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »