Design/Logic Flaw

2024-02-0909:15:00

PRIOn knowledge base

www.prio-n.com

misp

organisation logo

file extension

7.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

39.3%

JSON

An issue was discovered in MISP before 2.4.184. Organisation logo upload is insecure because of a lack of checks for the file extension and MIME type.

CPENameOperatorVersion
misplt2.4.184

CPE	Name	Operator	Version
	misp	lt	2.4.184

References

github.com/MISP/MISP/commit/312d2d5422235235ddd211dcb6bb5bb09c07791f

github.com/MISP/MISP/compare/v2.4.183...v2.4.184