Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
misp misp vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2020-8891
An issue exists in MISP prior to 2.4.121. It did not canonicalize usernames when trying to block a brute-force series of invalid requests.
Misp Misp
7.5
CVSSv3
CVE-2020-8893
An issue exists in MISP prior to 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp.
Misp Misp
6.5
CVSSv3
CVE-2020-8894
An issue exists in MISP prior to 2.4.121. ACLs for discussion threads were mishandled in app/Controller/ThreadsController.php and app/Model/Thread.php.
Misp Misp
6.5
CVSSv3
CVE-2019-16202
MISP prior to 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115, escalation attempts are blocked by the __checkLoggedActions function with a "This could be an indication of an attempted privilege escalation on older vulnerable versions of M...
Misp Misp
5.9
CVSSv3
CVE-2020-8890
An issue exists in MISP prior to 2.4.121. It mishandled time skew (between the machine hosting the web server and the machine hosting the database) when trying to block a brute-force series of invalid requests.
Misp Misp
8.8
CVSSv3
CVE-2020-15711
In MISP prior to 2.4.129, setting a favourite homepage was not CSRF protected.
Misp Misp
6.1
CVSSv3
CVE-2021-36212
app/View/SharingGroups/view.ctp in MISP prior to 2.4.146 allows stored XSS in the sharing groups view.
Misp Misp
6.1
CVSSv3
CVE-2020-13153
app/View/Events/resolved_attributes.ctp in MISP prior to 2.4.126 has XSS in the resolved attributes view.
Misp Misp
6.1
CVSSv3
CVE-2017-13671
app/View/Helper/CommandHelper.php in MISP prior to 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation.
Misp Misp
6.1
CVSSv3
CVE-2019-10254
In MISP prior to 2.4.105, the app/View/Layouts/default.ctp default layout template has a Reflected XSS vulnerability.
Misp Misp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »