CVE-2024-45509

In MISP up to 2.4.196, there is an access control vulnerability in app/Controller/BookmarksController.php that allows non-org-admin users to access bookmarks data. Root cause: insufficient restriction for non-admin users in the BookmarksController. Impact: exposure of bookmarks data with confiden...