PT-2019-12503 · Misp · Misp

João Lucas Melo Brasio · Published 2019-05-08 · Updated 2019-05-08 · CVE-2019-11814

CVSS v3.1

6.1 Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

MISP versions prior to 2.4.107

Description

An issue was discovered in the MISP software: there is a persistent XSS vulnerability via image names in titles. The issue can be demonstrated by a screenshot, indicating the potential for malicious code execution through crafted image names.

Recommendations

For versions prior to 2.4.107, update to version 2.4.107 or later to resolve the issue. As a temporary workaround, consider restricting the ability to upload images with malicious names to minimize the risk of exploitation.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2019-11814

Affected Products

Misp