3 matches found
CVE-2022-27243
An issue was discovered in MISP before 2.4.156. app/View/Users/terms.ctp allows Local File Inclusion via the custom terms file setting...
CVE-2022-27243
An issue was discovered in MISP before 2.4.156. app/View/Users/terms.ctp allows Local File Inclusion via the custom terms file setting...
CVE-2022-27243
CVE-2022-27243 affects MISP versions before 2.4.156. The vulnerability is a Local File Inclusion in the view template app/View/Users/terms.ctp triggered via the custom terms file setting. This could allow an attacker to read local files through the terms functionality. The issue is fixed in 2.4.1...