We are reliable, trustworthy, and ready for challenges! Hire Us
MISP – Stored XSS
- Home
- Advisories
- MISP – Stored XSS
DATE
03.06.2023
Affected Vendor
CIRCL – Computer Incident Response Center Luxembourg
Affected Product
MISP – Malware Information Sharing Platform & Open Standards For Threat Information Sharing – https://www.misp-project.org/
Vulnerable version
2.4.171
Fixed version
2.4.172
CVSS
Recommendations
Update to MISP version 2.4.172
Vulnerability details
In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.
CVE
CVE-2023-37307
Credits
Ulaş Deniz İlhan
Do you think the security of your data might be lacking? Let's find the best approach together.
Once you contact us, we will ask you about the project you want to secure.