Vulnerabilities > Misp Project

DATE CVE VULNERABILITY TITLE RISK
2023-11-17 CVE-2023-48655 Unspecified vulnerability in Misp-Project Malware Information Sharing Platform
An issue was discovered in MISP before 2.4.176.
network
low complexity
misp-project
critical
9.8
2023-11-17 CVE-2023-48656 Unspecified vulnerability in Misp-Project Malware Information Sharing Platform
An issue was discovered in MISP before 2.4.176.
network
low complexity
misp-project
critical
9.8
2023-11-17 CVE-2023-48657 Unspecified vulnerability in Misp-Project Malware Information Sharing Platform
An issue was discovered in MISP before 2.4.176.
network
low complexity
misp-project
critical
9.8
2023-11-17 CVE-2023-48658 Unspecified vulnerability in Misp-Project Malware Information Sharing Platform
An issue was discovered in MISP before 2.4.176.
network
low complexity
misp-project
critical
9.8
2023-11-17 CVE-2023-48659 Unspecified vulnerability in Misp-Project Malware Information Sharing Platform
An issue was discovered in MISP before 2.4.176.
network
low complexity
misp-project
critical
9.8
2023-06-30 CVE-2023-37306 Information Exposure Through an Error Message vulnerability in Misp-Project Malware Information Sharing Platform 2.4.172
MISP 2.4.172 mishandles different certificate file extensions in server sync.
network
low complexity
misp-project CWE-209
7.5
2023-06-30 CVE-2023-37307 Cross-site Scripting vulnerability in Misp-Project Malware Information Sharing Platform
In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.
network
low complexity
misp-project CWE-79
5.4
2023-03-27 CVE-2023-28884 Cross-site Scripting vulnerability in Misp-Project Malware Information Sharing Platform 2.4.169
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
network
low complexity
misp-project CWE-79
6.1
2023-03-18 CVE-2023-28606 Cross-site Scripting vulnerability in Misp-Project Malware Information Sharing Platform
js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.
network
low complexity
misp-project CWE-79
6.1
2023-03-18 CVE-2023-28607 Cross-site Scripting vulnerability in Misp-Project Malware Information Sharing Platform
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.
network
low complexity
misp-project CWE-79
6.1