GCVE-1-2025-0026

Vulnerability from gna-1 – Published: 2025-11-26 16:35 – Updated: 2025-12-02 08:50
Title
Reflected cross-site scripting (XSS) vulnerability in the Server Edit interface
Summary
MISP contained a reflected cross-site scripting (XSS) vulnerability in the Server Edit interface, specifically within the JavaScript initialization code of the push and pull filtering rule elements. Prior to commit b24e37a6c78199a4c68bb3b95f53d37962973d86, the id parameter (server ID) was embedded directly into a JavaScript string without HTML escaping. A maliciously crafted id value containing JavaScript or special characters could be reflected into the page and executed when an authenticated user visited the server edit page.
CWE
  • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
Impacted products
Vendor    Product    Version
misp      misp       Affected: < 2.5.12
Credits
  • Lassi Kapanen of Second Nature Security
  • Andras Iklody (the Insomniac MISP lead dev)
  • Teemu Hakkarainen of Second Nature Security

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "misp",
          "vendor": "misp",
          "versions": [
            {
              "lessThan": "2.5.12",
              "status": "affected"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lassi Kapanen of Second Nature Security"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Andras Iklody"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Teemu Hakkarainen of Second Nature Security"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "MISP contained a reflected cross-site scripting (XSS) vulnerability in the \u003cem\u003eServer Edit\u003c/em\u003e interface, specifically within the JavaScript initialization code of the push and pull filtering rule elements. Prior to commit \u003ccode\u003eb24e37a6c78199a4c68bb3b95f53d37962973d86\u003c/code\u003e, the \u003ccode\u003eid\u003c/code\u003e parameter (server ID) was embedded directly into a JavaScript string without HTML escaping.\u0026nbsp;A maliciously crafted \u003ccode\u003eid\u003c/code\u003e value containing JavaScript or special characters could be reflected into the page and executed when an authenticated user visited the server edit page."
            }
          ],
          "value": "MISP contained a reflected cross-site scripting (XSS) vulnerability in the Server Edit interface, specifically within the JavaScript initialization code of the push and pull filtering rule elements. Prior to commit b24e37a6c78199a4c68bb3b95f53d37962973d86, the id parameter (server ID) was embedded directly into a JavaScript string without HTML escaping.\u00a0A maliciously crafted id value containing JavaScript or special characters could be reflected into the page and executed when an authenticated user visited the server edit page."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.4,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "orgId": "00000000-0000-4000-9000-000000000000"
      },
      "references": [
        {
          "url": "https://github.com/misp/misp/commit/b24e37a6c78199a4c68bb3b95f53d37962973d86"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Reflected cross-site scripting (XSS) vulnerability in the Server Edit interface,",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "00000000-0000-4000-9000-000000000000",
    "datePublished": "2025-11-26T16:35:00.000Z",
    "dateUpdated": "2025-12-02T08:50:46.381572Z",
    "requesterUserId": "00000000-0000-4000-9000-000000000000",
    "serial": 1,
    "state": "PUBLISHED",
    "vulnId": "GCVE-1-2025-0026",
    "vulnerabilitylookup_history": [
      [
        "alexandre.dulaunoy@circl.lu",
        "2025-11-26T16:35:06.666237Z"
      ],
      [
        "alexandre.dulaunoy@circl.lu",
        "2025-12-02T08:50:46.381572Z"
      ]
    ]
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

