CVE-2022-47928

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-47928
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-47928.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-47928
Published
2022-12-22T00:00:00Z
Modified
2026-06-15T12:18:46.278072733Z
Summary
[none]
Details

In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/47xxx/CVE-2022-47928.json",
    "cna_assigner": "mitre"
}
References

Affected packages

Git / github.com/misp/misp

Affected ranges

Type
GIT
Repo
https://github.com/misp/misp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
b8463ebbbf47b49d9bd1da145725d68852c308b9
Fixed
684d3e51398d4ea032b06fa4a1cd2bdf7d8b0ede
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.4.167"
        }
    ],
    "cpe": "cpe:2.3:a:misp-project:malware_information_sharing_platform:*:*:*:*:*:*:*:*",
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ]
}

Affected versions

Other
codename/tellurium
rm
v0.*
v0.2
v2.*
v2.3.0
v2.4.0
v2.4.1
v2.4.10
v2.4.100
v2.4.101
v2.4.102
v2.4.106
v2.4.107
v2.4.109
v2.4.11
v2.4.110
v2.4.111
v2.4.118
v2.4.120
v2.4.121
v2.4.122
v2.4.123
v2.4.125
v2.4.127
v2.4.128
v2.4.13
v2.4.130
v2.4.133
v2.4.134
v2.4.136
v2.4.137
v2.4.14
v2.4.15
v2.4.152
v2.4.153
v2.4.156
v2.4.157
v2.4.158
v2.4.16
v2.4.160
v2.4.161
v2.4.162
v2.4.163
v2.4.164
v2.4.165
v2.4.166
v2.4.17
v2.4.18
v2.4.2
v2.4.20
v2.4.21
v2.4.22
v2.4.23
v2.4.24
v2.4.25
v2.4.26
v2.4.27
v2.4.3
v2.4.34
v2.4.35
v2.4.36
v2.4.37
v2.4.38
v2.4.39
v2.4.4
v2.4.43
v2.4.45
v2.4.46
v2.4.47
v2.4.48
v2.4.5
v2.4.50
v2.4.51
v2.4.52
v2.4.53
v2.4.54
v2.4.56
v2.4.57
v2.4.58
v2.4.59
v2.4.60
v2.4.61
v2.4.62
v2.4.63
v2.4.64
v2.4.65
v2.4.7
v2.4.78
v2.4.80
v2.4.82
v2.4.83
v2.4.85
v2.4.86
v2.4.87
v2.4.88
v2.4.89
v2.4.9
v2.4.91
v2.4.93
v2.4.94
v2.4.95
v2.4.96
v2.4.98

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-47928.json"