| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-8894 | 6.4 |
An issue was discovered in MISP before 2.4.121. ACLs for discussion threads were mishandled in app/Controller/ThreadsController.php and app/Model/Thread.php.
|
28-09-2023 - 14:15 | 12-02-2020 - 00:15 | |
| CVE-2020-8893 | 5.0 |
An issue was discovered in MISP before 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp.
|
28-09-2023 - 14:15 | 12-02-2020 - 00:15 | |
| CVE-2020-8890 | 4.3 |
An issue was discovered in MISP before 2.4.121. It mishandled time skew (between the machine hosting the web server and the machine hosting the database) when trying to block a brute-force series of invalid requests.
|
14-02-2020 - 18:51 | 12-02-2020 - 00:15 | |
| CVE-2020-8892 | 6.8 |
An issue was discovered in MISP before 2.4.121. It did not consider the HTTP PUT method when trying to block a brute-force series of invalid requests.
|
14-02-2020 - 18:48 | 12-02-2020 - 00:15 | |
| CVE-2020-8891 | 4.3 |
An issue was discovered in MISP before 2.4.121. It did not canonicalize usernames when trying to block a brute-force series of invalid requests.
|
14-02-2020 - 18:39 | 12-02-2020 - 00:15 |