CVE-2025-67906
🟡 MEDIUMIn MISP before 2.5.28, app/View/Elements/Workflows/executionPath.ctp allows XSS in the workflow execution path.
Description
Request Expert ReviewIn MISP before 2.5.28, app/View/Elements/Workflows/executionPath.ctp allows XSS in the workflow execution path.
Affected Products (1)
CVSS Scores
References
Additional Information
- Source
- cve@mitre.org
- State
- Modified
Related CVEs
CVE-2025-14029
MEDIUMThe Community Events plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_admin_event...
CVE-2025-12825
MEDIUMThe User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the...
CVE-2025-12168
MEDIUMThe Phrase TMS Integration for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on...
CVE-2026-0820
MEDIUMThe RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference due to missing...
CVE-2026-0682
LOWThe Church Admin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.28 due to insufficient va...
CVE-2025-14463
MEDIUMThe Payment Button for PayPal plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 1.2.3.41. This i...
Share CVE-2025-67906
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2025-67906 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!