Vulnerabilities > Misp Project > Misp > 2.4.167
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-20 | CVE-2023-24026 | Cross-site Scripting vulnerability in Misp-Project Misp 2.4.167 In MISP 2.4.167, app/webroot/js/event-graph.js has an XSS vulnerability via an event-graph preview payload. | 6.1 |
2023-01-20 | CVE-2023-24028 | Unspecified vulnerability in Misp-Project Misp 2.4.167 In MISP 2.4.167, app/Controller/Component/ACLComponent.php has incorrect access control for the decaying import function. | 9.8 |