CVE-2024-29858 | MISP up to 2.4.186 OrganisationsController.php __uploadLogo unrestricted upload

Inserito da Angelo Barbosa | Mar 21, 2024 | CVE

A vulnerability has been found in MISP up to 2.4.186 and classified as problematic. This vulnerability affects the function __uploadLogo of the file app/Controller/OrganisationsController.php. The manipulation leads to unrestricted upload.

This vulnerability was named CVE-2024-29858. The attack needs to be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29858 | MISP up to 2.4.186 OrganisationsController.php __uploadLogo unrestricted upload

Post correlati

CVE-2024-35201 | Intel SDP Tool on Windows default permission (intel-sa-01179)

CVE-2024-32897 | Google Android kernel protocolsmsadapter.cpp GetCwInfo out-of-bounds

CVE-2023-37518 | HCL BigFix ServiceNow Data Flow up to 1.2 code injection (KB0110202)

CVE-2024-46045 | Tenda CH22 1.0.0.6(468) /goform/frmL7ProtForm frmL7PlotForm page stack-based overflow