CVE-2024-29859 | MISP up to 2.4.186 EventsController.php add_misp_export unrestricted upload

Inserito da Angelo Barbosa | Mar 21, 2024 | CVE

A vulnerability was found in MISP up to 2.4.186 and classified as problematic. This issue affects the function add_misp_export of the file app/Controller/EventsController.php. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-29859. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29859 | MISP up to 2.4.186 EventsController.php add_misp_export unrestricted upload

Post correlati

CVE-2024-7166 | SourceCodester School Fees Payment System 1.0 /receipt.php ef_id sql injection

CVE-2024-38087 | Microsoft unknown vulnerability

CVE-2023-52077 | nexryai nexkey prior 12.23Q4.5 API Token authorization (GHSA-pjj7-7hcj-9cpc)

CVE-2024-6603 | Mozilla Firefox up to 127.x memory corruption