CVE-2026-54393 | MISP up to 2.5.39 setHomePage Endpoint app/View/News/index.ctp setSettingInternal cross site scripting

Inserito da Angelo Barbosa | Giu 13, 2026 | CVE

A vulnerability identified as problematic has been detected in MISP up to 2.5.39. This vulnerability affects the function setSettingInternal of the file app/View/News/index.ctp of the component setHomePage Endpoint. This manipulation causes cross site scripting.

This vulnerability appears as CVE-2026-54393. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.

CVE-2026-54393 | MISP up to 2.5.39 setHomePage Endpoint app/View/News/index.ctp setSettingInternal cross site scripting

Post correlati

CVE-2024-37890 | websockets ws up to 5.2.3/6.2.2/7.5.9/8.17.0 on Node.js Request Header null pointer dereference

CVE-2010-20120 | Maplesoft Maple up to 13 Maplet File code injection

CVE-2024-43945 | LatePoint Plugin up to 4.9.91 on WordPress cross-site request forgery

CVE-2025-42945 | SAP NetWeaver Application Server ABAP up to KRNL64UC 7.53 cross site scripting