MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
MISP/app/View
History
iglocska 597977694d
fix: [security] stored XSS in the correlation top list 
- if an attribute with an XSS payload as its value ends up being in the top list of correlations, then an administrator viewing the top correlations would execute the XSS

- as reported by Grzegorz Misiun
 		2024-04-23 14:51:58 +02:00
..
AccessLogs chg: [UI] Show user agent in title in access log 2023-05-24 09:56:43 +02:00
Allowedlists fix: fix ui issues on multiple views 2021-07-13 18:08:58 +02:00
AnalystData fix: [analyst-data:thread] Only render the HTML when opening the popover 2024-04-17 11:33:32 +02:00
AnalystDataBlocklists fix: [analyst data blocklist] removed unused edit button 2024-02-27 09:04:55 +01:00
Api fix: [rest] Correct view for empty response 2022-04-10 15:16:11 +02:00
Attributes Merge branch 'develop' into allow-enrich-objects 2023-08-01 09:48:44 +02:00
AuditLogs fix: event audit log pagination bug, fixes #9245 2023-08-24 11:58:28 +02:00
AuthKeys chg: [internal] PHP 7.4 is required, so we can remove hacks for older versions vol. 2 2024-01-14 17:35:25 +01:00
Benchmarks new: [benchmarking suite] added 2024-04-17 15:08:38 +02:00
Cerebrates new: [cerebrate:pull_sg] Pull sharing groups from a cerebrate instance 2021-09-06 17:24:23 +02:00
CollectionElements new: [collections] feature added. Still missing sync integration - WiP 2024-01-28 18:05:29 +01:00
Collections new: [collections] feature added. Still missing sync integration - WiP 2024-01-28 18:05:29 +01:00
Communities fix: [UI] Communities 2022-12-15 10:04:45 -05:00
CorrelationExclusions fix: [layout:title] Make sure page title are correctly formatted 2023-06-06 15:54:56 -04:00
Correlations fix: [layout:title] Make sure page title are correctly formatted 2023-06-06 15:54:56 -04:00
CryptographicKeys new: [cryptographic keys] views added 2022-03-13 12:39:05 +01:00
Dashboards fix: [dashboard:updating] Prevent sending multiple time the same save request[1;5D 2024-04-08 16:41:46 +02:00
DecayingModel fix: [decaying:decaying_tool] Fixed page failing to load due to missing jquery-ui 2022-07-21 12:05:59 +02:00
DecayingModelMapping
Elements fix: [security] stored XSS in the correlation top list 2024-04-23 14:51:58 +02:00
Emails Feature/user login profiles2 (#9379) 2023-11-24 13:47:59 +01:00
Errors fix: [UI] Show error only if it is not empty 2021-05-24 14:05:28 +02:00
EventBlocklists fix: [UI] Avoid calling submitPublish() JS method 2022-03-28 12:44:56 +02:00
EventDelegations
EventGraph/ajax resolve merge 2020-08-16 13:31:31 +02:00
EventReports fix: [analyst-data:UI] Added missing entries for view elements 2024-04-03 15:39:20 +02:00
Events fix: [internal] Try to fix STIX import 2024-04-03 12:34:30 +02:00
FavouriteTags/ajax
Feeds chg: [feed] Added support of tag_collection_id when dealing with feeds 2024-04-17 15:59:10 +02:00
Galaxies chg: [internal] Fix passedArgs is undefined 2023-05-24 14:07:13 +02:00
GalaxyClusterBlocklists fix: fix ui issues on multiple views 2021-07-13 18:08:58 +02:00
GalaxyClusterRelations chg: [UI] Small fixes 2022-12-15 10:04:45 -05:00
GalaxyClusters fix: [analyst-data:thread] Only render the HTML when opening the popover 2024-04-17 11:33:32 +02:00
GalaxyElements/ajax fix: [UI] Galaxy cluster UI cleanup 2022-12-15 10:05:13 -05:00
Helper fix: [UI] Showing event logo in correlation graph 2024-03-25 14:59:35 +01:00
Inbox
Jobs chg: [UI] Fetch job progress in one query 2022-05-13 19:17:27 +02:00
Layouts fix: [layout:title] Make sure page title are correctly formatted 2023-06-06 15:52:16 -04:00
Logs new: [logs] add time based filter 2023-09-14 14:14:51 +02:00
News new: [news] Show the latest news in nicer view 2022-10-10 17:18:11 +02:00
Noticelists chg: [UI] Small fixes 2022-12-15 10:04:45 -05:00
ObjectReferences/ajax fix: [UI] Cleanup for reference bulk add 2022-10-15 09:30:03 +02:00
ObjectTemplateElements/ajax
ObjectTemplates fix: [UI] Fix MISP logo display on object templates index 2024-02-28 11:20:39 +01:00
Objects fix: [objects:edit] Restored behavior of upgrading object to newer template 2023-10-24 09:26:41 +02:00
OrgBlocklists new: [orgBlocklist:index] Added total blocked count and last block time for each blocked orgs 2023-04-18 15:06:22 +02:00
Organisations chg: [org index] sort on metafields 2023-06-26 10:05:29 +02:00
Pages chg: [internal] Optimise reportValidationIssuesAttributes 2024-01-05 16:40:49 +01:00
Posts
Regexp chg: [UI] Small fixes 2022-12-15 10:04:45 -05:00
RestClientHistory fix: [UI] REST client 2022-04-10 15:04:48 +02:00
Roles chg: [UI] Open modal without onclick vol. 2 2022-03-20 14:55:58 +01:00
Servers chg: [server:sync/analyst-data] Started integration of server synchronisation - WiP 2024-01-31 15:10:08 +01:00
ShadowAttributes fix: [acl] Add event to template when adding shadow attribute 2022-11-02 13:24:34 +01:00
SharingGroupBlueprints new: [sg blueprint] encode as sync rule functionality added 2023-12-20 15:32:51 +01:00
SharingGroups fix: [UI] Warnings when user don't have permission to see sharing group orgs 2022-12-15 10:05:13 -05:00
SightingBlocklists new: [sighting sync] blocklisting added 2024-04-04 12:08:22 +02:00
Sightingdb
Sightings/ajax new: [acl] Check sighting deletion in ACLComponent 2022-11-02 13:24:34 +01:00
TagCollections chg: [UI] Small fixes 2022-12-15 10:04:45 -05:00
Tags fix: [UI] Submit form on CTRL+ENTER on select 2022-10-14 13:00:38 +02:00
Tasks
TaxiiServers fix: [cleanup] removed copy pasta junk 2024-01-04 20:09:48 +01:00
Taxonomies fix: taxonomy view filter is not kept when switching pages, fixes #8875 2023-11-15 12:04:28 +01:00
TemplateElements/ajax fix: [UI] Template element sorting 2022-05-02 09:57:49 +02:00
Templates fix: [security] XSS in the template file uploads 2022-12-22 15:37:43 +01:00
Threads chg: [escaping] added to event ID 2023-09-22 14:14:47 +02:00
UserLoginProfiles Feature/user login profiles2 (#9379) 2023-11-24 13:47:59 +01:00
UserSettings fix: [UI] Handling non exists user setting 2022-07-29 17:18:56 +02:00
Users new: [benchmarking suite] added 2024-04-17 15:08:38 +02:00
Warninglists chg: [ACL] Warninglist::checkValue is available for all 2022-12-15 10:04:45 -05:00
WorkflowBlueprints fix: [UI] Nicer view for workflow blueprints index 2022-10-10 22:30:26 +02:00
Workflows Merge branch 'develop' of github.com:MISP/MISP into feature_workflows/enrichment-improvements 2023-07-28 10:30:29 +02:00
genericTemplates new: [generic json template] added with JS based highlighting 2023-06-07 14:25:54 +02:00
AppView.php chg: [internal] Element file cache 2021-11-22 09:58:23 +01:00