CVE-2024-58129

Published March 28th, 2025

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

In MISP before 2.4.193, menu_custom_right_link_html parameters can be set via the UI (i.e., without using the CLI) and thus attackers with admin privileges can conduct XSS attacks against every page.

MISP/MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

GitHub

6.38K