日期 (Date): 2022-04-20 受影响的供应商 (Affected Vendor): CIRCL - Computer Incident Response Center Luxembourg 受影响的产品 (Affected Product): MISP - Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing - https://www.misp-project.org/ 易受攻击的版本 (Vulnerable Version): 2.4.157 修复版本 (Fixed Version): 2.4.158 CVE编号: CVE-2022-29531 详情: 在2.4.158之前的MISP中发现了一个问题。通过标签名称在事件图表中存在存储的XSS漏洞。 漏洞详情来源: - https://github.com/MISP/MISP/compare/v2.4.157...v2.4.158 - https://github.com/MISP/MISP/commit/bb3b7a7e91862742cae228c43b309 - https://nvd.nist.gov/vuln/detail/CVE-2022-29531 发现者: Dawid Czarnecki