GCVE-1-2025-0039
Vulnerability from gna-1 – Published: 2025-12-10 14:33 – Updated: 2025-12-10 14:33
VLAI?
Summary
A cross-site scripting (XSS) vulnerability was identified in the MISP dashboard subsystem, specifically in the World Map dashboard widget and the supporting JavaScript logic that handles widget configuration and rendering.
A prior XSS fix related to unsafe handling of widget configuration and tooltip rendering had been in place, but the upgrade to GridStack 1.2 unintentionally broke dashboard widget configuration persistence. When the patch restored correct widget config handling, the previously mitigated XSS vector became reachable again.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Credits
🕵️♂️ Jeroen Pinoy 🐞
Andras Iklody (the Insomniac MISP lead dev)
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "misp",
"vendor": "misp",
"versions": [
{
"lessThan": "2.5.27",
"status": "affected"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jeroen Pinoy"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Andras Iklody"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA cross-site scripting (XSS) vulnerability was identified in the MISP dashboard subsystem, specifically in the \u003cstrong\u003eWorld Map dashboard widget\u003c/strong\u003e and the supporting JavaScript logic that handles widget configuration and rendering.\u003c/p\u003e\n\u003cp\u003eA prior XSS fix related to unsafe handling of widget configuration and tooltip rendering had been in place, but the upgrade to \u003cstrong\u003eGridStack 1.2\u003c/strong\u003e unintentionally broke dashboard widget configuration persistence. When the patch restored correct widget config handling, the previously mitigated XSS vector became reachable again.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "A cross-site scripting (XSS) vulnerability was identified in the MISP dashboard subsystem, specifically in the World Map dashboard widget and the supporting JavaScript logic that handles widget configuration and rendering.\n\n\nA prior XSS fix related to unsafe handling of widget configuration and tooltip rendering had been in place, but the upgrade to GridStack 1.2 unintentionally broke dashboard widget configuration persistence. When the patch restored correct widget config handling, the previously mitigated XSS vector became reachable again."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"orgId": "00000000-0000-4000-9000-000000000000"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/MISP/MISP/commit/e651e606f8a2cb2504fc21f2c453395666b68d4f"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "XSS Reintroduced in MISP Dashboard World Map Widget Due to Restored Widget Configuration Functionality",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "00000000-0000-4000-9000-000000000000",
"datePublished": "2025-12-10T14:33:52.856734Z",
"dateUpdated": "2025-12-10T14:33:52.856734Z",
"requesterUserId": "00000000-0000-4000-9000-000000000000",
"serial": 1,
"state": "PUBLISHED",
"vulnId": "gcve-1-2025-0039",
"vulnerabilitylookup_history": [
[
"alexandre.dulaunoy@circl.lu",
"2025-12-10T14:33:52.856734Z"
]
]
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…