Vulnerabilities > Misp > Misp > 2.3.50
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-12 | CVE-2020-8890 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Misp An issue was discovered in MISP before 2.4.121. | 4.3 |
| 2019-09-10 | CVE-2019-16202 | Improper Privilege Management vulnerability in Misp MISP before 2.4.115 allows privilege escalation in certain situations. | 4.0 |
| 2019-05-08 | CVE-2019-11814 | Cross-site Scripting vulnerability in Misp An issue was discovered in app/webroot/js/misp.js in MISP before 2.4.107. | 4.3 |
| 2019-05-08 | CVE-2019-11813 | Cross-site Scripting vulnerability in Misp An issue was discovered in app/View/Elements/Events/View/value_field.ctp in MISP before 2.4.107. | 4.3 |
| 2019-05-08 | CVE-2019-11812 | Cross-site Scripting vulnerability in Misp A persistent XSS issue was discovered in app/View/Helper/CommandHelper.php in MISP before 2.4.107. | 4.3 |
| 2019-03-28 | CVE-2019-10254 | Cross-site Scripting vulnerability in Misp In MISP before 2.4.105, the app/View/Layouts/default.ctp default layout template has a Reflected XSS vulnerability. | 4.3 |
| 2017-08-24 | CVE-2017-13671 | Cross-site Scripting vulnerability in Misp app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. | 4.3 |