MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [security] add reserved CVE for error-based padding oracle

pull/83/head
Alexandre Dulaunoy 2023-06-30 22:00:29 +02:00
parent 9f5e38a0b3
commit d4624bb63d
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
content/security.md
View File

@ -95,6 +95,7 @@ We firmly believe that, even though unfortunately it is often not regarded as co
- [CVE-2023-28606](https://cvepremium.circl.lu/cve/CVE-2023-28606) < MISP 2.4.169 - js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.
- [CVE-2023-28607](https://cvepremium.circl.lu/cve/CVE-2023-28607) < MISP 2.4.169 - js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.
- [CVE-2023-28884](https://cvepremium.circl.lu/cve/CVE-2023-28884) < MISP 2.4.170 - app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
- CVE-2023-37306 - error-based padding oracle
## PGP Key