3 matches found
CVE-2026-60125
CVE-2026-60125 affects MISP: the importModule() path used getEnabledModule() to resolve a module by name, but did not enforce per-organisation restrictions implemented by getEnabledModules(). This can allow an authenticated user from an organisation not allowed to use a restricted module (Plugin....
CVE-2026-60125
MISP’s importModule path used getEnabledModule to resolve a single import module by name, but this lookup did not enforce the per-organisation module restriction checked by getEnabledModules. As a result, an authenticated user from an organisation that was not allowed to use a module restricted v...
HortusFox 安全漏洞
HortusFox is a free and open source self-hosted plant manager system from HortusFox, Inc. A security vulnerability exists in HortusFox version v4.4, which stems from improper handling of compressed files by the /modules/ImportModule.php component and could lead to arbitrary code execution...