exploitDog

GHSA-42g5-mrm4-477g

Опубликовано: 29 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

In MISP before 2.4.193, menu_custom_right_link_html parameters can be set via the UI (i.e., without using the CLI) and thus attackers with admin privileges can conduct XSS attacks against every page.

In MISP before 2.4.193, menu_custom_right_link_html parameters can be set via the UI (i.e., without using the CLI) and thus attackers with admin privileges can conduct XSS attacks against every page.

Ссылки

EPSS

Процентиль: 44%

0.00216

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-58129

CVSS3: 5.5

nvd

11 месяцев назад

In MISP before 2.4.193, menu_custom_right_link_html parameters can be set via the UI (i.e., without using the CLI) and thus attackers with admin privileges can conduct XSS attacks against every page.

EPSS

Процентиль: 44%

0.00216

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79