mirror of https://github.com/MISP/misp-website
chg: [blog] 2.4.123 updated
parent
56d0273152
commit
d226fffb1b
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
title: MISP 2.4.123 released (aka the dashboard and security fix release)
|
title: MISP 2.4.123 released (aka the dashboard and security fix release)
|
||||||
layout: post
|
layout: post
|
||||||
featured: /assets/images/misp/blog/t-misp-overview.png
|
featured: /assets/images/misp/blog/dashboard.png
|
||||||
---
|
---
|
||||||
|
|
||||||
# MISP 2.4.123 released
|
# MISP 2.4.123 released
|
||||||
|
@ -12,12 +12,12 @@ A new version of MISP ([2.4.123](https://github.com/MISP/MISP/tree/v2.4.123)) ha
|
||||||
|
|
||||||
Thanks to a pentest conducted on behalf of the Centre for Cyber Security Belgium (CCB), we have received a list of ideas to improve our security posture along with 2 vulnerabilities:
|
Thanks to a pentest conducted on behalf of the Centre for Cyber Security Belgium (CCB), we have received a list of ideas to improve our security posture along with 2 vulnerabilities:
|
||||||
|
|
||||||
- 2 XSS vulnerabilities (reported and fixed, more info via CVE-2020-10246 and CVE-2020-10247)
|
- 2 XSS vulnerabilities (reported and fixed, more info via [CVE-2020-10246](/security) and [CVE-2020-10247](/security))
|
||||||
- various improvements for our password policy
|
- various improvements for our password policy
|
||||||
- Improvements by adding preventative headers
|
- Improvements by adding preventative headers
|
||||||
- Providing the more information to the users by revealing potential foul play
|
- Providing the more information to the users by revealing potential foul play
|
||||||
|
|
||||||
We would hereby like to thank both the contracted part as well as CCB for sharing the results with us. We are always glad to receive pentest results, it's a great way for organisations to improve the security of MISP and we highly encourage everyone to MISP for potential issues and to let us know - we will do our best to fix any identified issues as soon as possible.
|
We would hereby like to thank both the contracted part as well as CCB for sharing the results with us. We are always glad to receive pentest results, it's a great way for organisations to improve the security of MISP and we highly encourage everyone to MISP for potential issues and to [let us know](/security) - we will do our best to fix any identified issues as soon as possible.
|
||||||
|
|
||||||
# Dashboard system
|
# Dashboard system
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue