An issue was discovered in MISP before 2.4.158. There is XSS in app/Controller/OrganisationsController.php in a situation with a "weird single checkbox page."
References
Link | Resource |
---|---|
https://github.com/MISP/MISP/commit/ce6bc88e330f5ef50666b149d86c0d94f545f24e | Patch Third Party Advisory |
https://github.com/MISP/MISP/compare/v2.4.157...v2.4.158 | Release Notes Third Party Advisory |
https://zigrin.com/advisories/misp-xss-in-app-controller-organisationscontroller-php/ | Third Party Advisory |
Configurations
History
21 Dec 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://zigrin.com/advisories/misp-xss-in-app-controller-organisationscontroller-php/ - Third Party Advisory |
30 Oct 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 Apr 2022, 03:56
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:misp:misp:*:*:*:*:*:*:*:* | |
First Time |
Misp
Misp misp |
|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.1 |
References | (MISC) https://github.com/MISP/MISP/compare/v2.4.157...v2.4.158 - Release Notes, Third Party Advisory | |
References | (MISC) https://github.com/MISP/MISP/commit/ce6bc88e330f5ef50666b149d86c0d94f545f24e - Patch, Third Party Advisory | |
CWE | CWE-79 |
20 Apr 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-20 23:15
Updated : 2023-12-21 03:15
NVD link : CVE-2022-29533
Mitre link : CVE-2022-29533
CVE.ORG link : CVE-2022-29533
JSON object : View
Products Affected
misp
- misp
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')