Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
5.4
CVSSv3
CVE-2022-29529
Published: 20/04/2022 Updated: 03/11/2023
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Misp
Vulnerability Summary
An issue exists in MISP prior to 2.4.158. There is stored XSS via the LinOTP login field.
Vulnerability Trend
Vulnerable Product
Search on Vulmon
Subscribe to Product
misp misp
References
CWE-79
https://github.com/MISP/MISP/compare/v2.4.157...v2.4.158
https://github.com/MISP/MISP/commit/9623de2f5cca011afc581d55cfa5ce87682894fd
https://zigrin.com/cakephp-application-cybersecurity-research-protect-your-website-from-stored-xss-attacks-understanding-and-preventing-vulnerabilities-in-open-source-applications/
https://zigrin.com/advisories/misp-stored-xss-via-the-linotp-login-field/
https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started