CVE-2022-27244

Publication date

2022-03-18 17:14:38

Family

mitre

State

PUBLISHED

Description

An issue was discovered in MISP before 2.4.156. A malicious site administrator could store an XSS payload in the custom auth name. This would be executed each time the administrator modifies a user.