Page 3 of 24 results (0.002 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-27246

https://notcve.org/view.php?id=CVE-2022-27246

18 Mar 2022 — An issue was discovered in MISP before 2.4.156. An SVG org logo (which may contain JavaScript) is not forbidden by default. Se ha detectado un problema en MISP versiones anteriores a 2.4.156. Un logotipo SVG org (que puede contener JavaScript) no está prohibido por defecto • https://github.com/MISP/MISP/commit/08a07a38ae81f3b55d81cfcd4501ac1eb1c9c4dc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-41326

https://notcve.org/view.php?id=CVE-2021-41326

17 Sep 2021 — In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call. En MISP versiones anteriores a 2.4.148, el archivo app/Lib/Export/OpendataExport.php maneja inapropiadamente los datos de los parámetros que son usados en una llamada shell_exec • https://github.com/MISP/MISP/commit/e36f73947e741bc97320f0c42199acd1a94c7051 •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-36212

https://notcve.org/view.php?id=CVE-2021-36212

07 Jul 2021 — app/View/SharingGroups/view.ctp in MISP before 2.4.146 allows stored XSS in the sharing groups view. Un archivo app/View/SharingGroups/view.ctp en MISP versiones anteriores a 2.4.146, permite un ataque de tipo XSS almacenado en la vista de grupos compartidos • https://github.com/MISP/MISP/commit/01521d614cb578de75a406394b4f0426f6036ba7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-35502

https://notcve.org/view.php?id=CVE-2021-35502

25 Jun 2021 — app/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp in MISP 2.4.144 does not sanitize certain data related to generic-template:index. El archivo app/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp en MISP versión 2.4.144, no sanea determinados datos relacionados con generic-template:index • https://github.com/MISP/MISP/commit/2fde6476dc3173affc61874ba2adb35400a8fda5 •