Fukusuke Takahashi

#16859 of 53,635
15.9 Total CVSS
Vulnerabilities · 2
Medium: 1
Critical: 1

PT-2024-36400 · CVSS 6.1 · 2024-12-04 · Misp · Misp · CVE-2024-54674

**Name of the Vulnerable Software and Affected Versions**
MISP versions 2.5.2 and earlier

**Description**
The issue is related to stored cross-site scripting (XSS) in the MISP Galaxy Cluster Export Function. This occurs when exporting custom clusters into the misp-galaxy format. The file `app/View/GalaxyClusters/cluster_export_misp_galaxy.ctp` is specifically affected.

**Recommendations**
For versions 2.5.2 and earlier, consider disabling the export function of custom clusters to the misp-galaxy format until a patch is available. Restrict access to the `cluster_export_misp_galaxy.ctp` file to minimize the risk of exploitation.

PT-2023-31711 · CVSS 9.8 · 2023-12-15 · Misp · Misp · CVE-2023-50918

**Name of the Vulnerable Software and Affected Versions**
MISP versions prior to 2.4.182

**Description**
The issue is related to the mishandling of ACLs for audit logs in the `app/Controller/AuditLogsController.php` file.

**Recommendations**
For versions prior to 2.4.182, update to version 2.4.182 or later to resolve the issue.