2 matches found
CVE-2020-29006
MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and app/Model/GalaxyElement.php...
CVE-2020-29006
The CVE-2020-29006 issue affects MISP before 2.4.135, due to missing ACL checks in GalaxyElementsController.php and GalaxyElement.php. The vulnerability enables improper access control, with CVSS v3.1: Network, Privileges NONE, UI NONE, Scope UNCHANGED, Impact HIGH on Confidentiality, Integrity, ...