Lucene search

PRIOn knowledge basePRION:CVE-2024-22876

HistoryJan 19, 2024 - 2:15 p.m.

Cross site scripting

2024-01-1914:15:00

PRIOn knowledge base

www.prio-n.com

strangebee thehive

version 5.1.0

version 5.1.9

version 5.2.0

version 5.2.8

cross site scripting

xss

attachment functionality

malicious html

javascript

the hive application

specific url

coerce victim account

analyst

administrator

nvd

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.0%

JSON

StrangeBee TheHive 5.1.0 to 5.1.9 and 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting (XSS) in the case attachment functionality which enables an attacker to upload a malicious HTML file with Javascript code that will be executed in the context of the The Hive application using a specific URL. The vulnerability can be used to coerce a victim account to perform specific actions on the application as helping an analyst becoming administrator.

CPENameOperatorVersion
thehivege5.2.0
thehivele5.2.8
thehivege5.1.0
thehivele5.1.9

Name	Operator	Version
thehive	ge	5.2.0
thehive	le	5.2.8
thehive	ge	5.1.0
thehive	le	5.1.9

References

github.com/StrangeBeeCorp/Security/blob/main/Security%20advisories/SB-SEC-ADV-2023-002.md