Vulnerabilities > Misp > Misp > 2.4.111

DATE CVE VULNERABILITY TITLE RISK
2020-02-12 CVE-2020-8890 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Misp
An issue was discovered in MISP before 2.4.121.
network
misp CWE-367
4.3
4.3
2019-09-10 CVE-2019-16202 Improper Privilege Management vulnerability in Misp
MISP before 2.4.115 allows privilege escalation in certain situations.
network
low complexity
misp CWE-269
4.0
4.0
2019-07-27 CVE-2019-14286 Cross-site Scripting vulnerability in Misp 2.4.111
In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnerability exists in the event-graph view when a user toggles the event graph view.
network
misp CWE-79
4.3
4.3