| 2023-11-17 | CVE-2023-48655 | Unspecified vulnerability in Misp-Project Malware Information Sharing Platform
An issue was discovered in MISP before 2.4.176. | 9.8 |
| 2023-11-17 | CVE-2023-48656 | Unspecified vulnerability in Misp-Project Malware Information Sharing Platform
An issue was discovered in MISP before 2.4.176. | 9.8 |
| 2023-11-17 | CVE-2023-48657 | Unspecified vulnerability in Misp-Project Malware Information Sharing Platform
An issue was discovered in MISP before 2.4.176. | 9.8 |
| 2023-11-17 | CVE-2023-48658 | Unspecified vulnerability in Misp-Project Malware Information Sharing Platform
An issue was discovered in MISP before 2.4.176. | 9.8 |
| 2023-11-17 | CVE-2023-48659 | Unspecified vulnerability in Misp-Project Malware Information Sharing Platform
An issue was discovered in MISP before 2.4.176. | 9.8 |
| 2023-06-30 | CVE-2023-37307 | Cross-site Scripting vulnerability in Misp-Project Malware Information Sharing Platform
In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts. | 5.4 |
| 2023-03-18 | CVE-2023-28606 | Cross-site Scripting vulnerability in Misp-Project Malware Information Sharing Platform
js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips. | 6.1 |
| 2023-03-18 | CVE-2023-28607 | Cross-site Scripting vulnerability in Misp-Project Malware Information Sharing Platform
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip. | 6.1 |
| 2023-01-23 | CVE-2023-24070 | Cross-site Scripting vulnerability in Misp-Project Malware Information Sharing Platform
app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey add via a Referer field. | 6.1 |
| 2022-12-22 | CVE-2022-47928 | Cross-site Scripting vulnerability in Misp-Project Malware Information Sharing Platform
In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp. | 6.1 |