A vulnerability was found in MISP up to 2.4.186 and classified as problematic. This issue affects the function
add_misp_export
of the file app/Controller/EventsController.php. The manipulation leads to unrestricted upload.
The identification of this vulnerability is CVE-2024-29859. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.