header-logo
Suggest Exploit
vendor:
MISP
by:
Mücahit Çeri
4.1
CVSS
MEDIUM
Stored Cross-Site Scripting (XSS)
79
CWE
Product Name: MISP
Affected Version From: 2.4.0171
Affected Version To: 2.4.0171
Patch Exists: NO
Related CWE: CVE-2023-37307
CPE: a:misp_project:misp:2.4.171
Metasploit:
Other Scripts:
Platforms Tested: Ubuntu 20.04
2023

MISP 2.4.171 Stored XSS Vulnerability

An authenticated user can inject malicious code into the 'Name' parameter while adding a cluster in MISP version 2.4.171, leading to the execution of arbitrary scripts in the context of the user's session. This vulnerability has been assigned CVE-2023-37307.

Mitigation:

To mitigate this vulnerability, users should sanitize and validate user input to prevent the execution of scripts. Regular security updates and patches from the vendor should be applied promptly.
Source

Exploit-DB raw data:

# Exploit Title: MISP 2.4.171 Stored XSS [CVE-2023-37307] (Authenticated)
# Date: 8th October 2023
# Exploit Author: Mücahit Çeri
# Vendor Homepage: https://www.circl.lu/
# Software Link: https://github.com/MISP/MISP
# Version: 2.4.171
# Tested on: Ubuntu 20.04
# CVE : CVE-2023-37307

# Exploit:
Logged in as low privileged account

1)Click on the "Galaxies" button in the top menu
2)Click "Add Cluster" in the left menu.
3)Enter the payload "</title><script>alert(1)</script>" in the Name parameter.
4)Other fields are filled randomly. Click on Submit button.
5)When the relevant cluster is displayed, we see that alert(1) is running

Navigation

Suggest Exploit

Services By CQR

cqrsecured