Misp: >> Misp >> 2.4.157 Security Vulnerabilities
An issue was discovered in MISP before 2.4.158. There is XSS in app/Controller/OrganisationsController.php in a situation with a "weird single checkbox page."
CVSS Score
6.1
EPSS Score
0.003
Published
2022-04-20
An issue was discovered in MISP before 2.4.158. In UsersController.php, password confirmation can be bypassed via vectors involving an "Accept: application/json" header.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-04-20
Page 3