PT-2022-19683 · Misp · Misp

Dawid Czarnecki · Published 2022-04-20 · Updated 2023-12-21 · CVE-2022-29533

CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

MISP versions prior to 2.4.158

Description

A Cross-Site Scripting (XSS) vulnerability exists in the app/Controller/OrganisationsController.php file, specifically in situations involving a "weird single checkbox page."

Recommendations

For versions prior to 2.4.158, update to version 2.4.158 or later to resolve the issue. As a temporary workaround, consider restricting access to the OrganisationsController.php file until a patch is applied.

Fix

XSS

Weakness Enumeration

Related Identifiers: CVE-2022-29533

Affected Products: Misp