A vulnerability, which was classified as problematic, has been found in MISP up to 2.4.178. This issue affects some unknown processing in the library app/Lib/Tools/EventTimelineTool.php of the component Event Timeline Widget. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2023-49926. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.