MISP Modules Cross-Site Request Forgery Vulnerability

Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the MISP Modules website, affecting versions through 3.0.7. The issue arises because the home blueprint was exempt from CSRF protection, allowing an attacker to trick an authenticated user into sending unintended requests to the home endpoint. This could lead to unauthorized modifications of session query data for the affected user.

Impact

Exploitation of this vulnerability could result in Cross-Site Request Forgery, allowing for unauthorized actions to be performed on behalf of an authenticated user.

Added: May 13, 2026, 8:23 PM

Updated: May 13, 2026, 8:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.2

remediation

0.0

relevance

8.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.2

remediation

0.0

relevance

8.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MISP Modules Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Affected Products

MISP Modules

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating