CVE-2025-67906 | MISP up to 2.5.27 executionPath.ctp cross site scripting

Inserito da Angelo Barbosa | Dic 15, 2025 | CVE

A vulnerability categorized as problematic has been discovered in MISP up to 2.5.27. The impacted element is an unknown function of the file app/View/Elements/Workflows/executionPath.ctp. Executing manipulation can lead to cross site scripting.

This vulnerability is tracked as CVE-2025-67906. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2025-67906 | MISP up to 2.5.27 executionPath.ctp cross site scripting

Post correlati

CVE-2023-6184 | Citrix Virtual Apps and Desktops Session Recording dynamically-managed code resources (CTX583930)

CVE-2024-37228 | InstaWP Connect Plugin up to 0.1.0.38 on WordPress code injection

CVE-2024-42861 | IEEE 802.1AS linuxptp up to 4.2 Pdelay_Req Message denial of service

CVE-2025-12142 | ABB Terra AC Wallbox up to 1.8.33 buffer overflow