3 matches found
CVE-2026-54397
A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharinggroupid to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the...
EUVD-2026-36577
A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharinggroupid to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the...
CVE-2026-54397
MISP CVE-2026-54397 affects the non-REST event editing path. An authenticated user with event edit permissions could tamper with submitted form data to assign an event to a sharing_group_id the user is not authorized to use when distribution is set to sharing group distribution. The non-REST save...