CVE-2023-37307

Name of the Vulnerable Software and Affected Versions MISP versions prior to 2.4.172

Description The issue arises from the improper sanitization of the title for layout in Correlations, CorrelationExclusions, and Layouts. This could potentially lead to security issues, although specific details about the nature of the exploitation or affected devices are not provided.

Recommendations For versions prior to 2.4.172, update to version 2.4.172 or later to resolve the issue. As a temporary workaround, consider restricting access to the Correlations, CorrelationExclusions, and Layouts features until the update is applied.