VYPR

mist-ce

by Mistio

CVEs (4)

  • CVE-2025-5412LowJun 2, 2025
    risk 0.00cvss 3.5epss 0.00

    A vulnerability classified as problematic has been found in Mist Community Edition up to 4.7.1. Affected is the function Login of the file src/mist/api/views.py of the component Authentication Endpoint. The manipulation of the argument return_to leads to cross site scripting. It…

  • CVE-2025-5411LowJun 1, 2025
    risk 0.00cvss 3.5epss 0.00

    A vulnerability was found in Mist Community Edition up to 4.7.1. It has been rated as problematic. This issue affects the function tag_resources of the file src/mist/api/tag/views.py. The manipulation of the argument tag leads to cross site scripting. The attack may be initiated…

  • CVE-2025-5410MedJun 1, 2025
    risk 0.00cvss 4.3epss 0.00

    A vulnerability was found in Mist Community Edition up to 4.7.1. It has been declared as problematic. This vulnerability affects the function session_start_response of the file src/mist/api/auth/middleware.py. The manipulation leads to cross-site request forgery. The attack can…

  • CVE-2025-5409HigJun 1, 2025
    risk 0.00cvss 7.3epss 0.01

    A vulnerability was found in Mist Community Edition up to 4.7.1. It has been classified as critical. This affects the function create_token of the file src/mist/api/auth/views.py of the component API Token Handler. The manipulation leads to improper access controls. It is…