An issue exists in MISP prior to 2.4.156. A malicious site administrator could store an XSS payload in the custom auth name. This would be executed each time the administrator modifies a user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
misp misp |