Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
3.5
CVSSv2
CVE-2022-29529
Published: 20/04/2022 Updated: 03/11/2023
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Misp
Vulnerability Summary
An issue exists in MISP prior to 2.4.158. There is stored XSS via the LinOTP login field.
Vulnerability Trend
Vulnerable Product
Search on Vulmon
Subscribe to Product
misp misp
References
CWE-79
https://github.com/MISP/MISP/compare/v2.4.157...v2.4.158
https://github.com/MISP/MISP/commit/9623de2f5cca011afc581d55cfa5ce87682894fd
https://zigrin.com/cakephp-application-cybersecurity-research-protect-your-website-from-stored-xss-attacks-understanding-and-preventing-vulnerabilities-in-open-source-applications/
https://zigrin.com/advisories/misp-stored-xss-via-the-linotp-login-field/
https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started