CVE-2022-29533
An issue was discovered in MISP before 2.4.158. There is XSS in app/Controller/OrganisationsController.php in a situation with a "weird single checkbox page."...
CVE-2024-29858
In MISP before 2.4.187, uploadLogo in app/Controller/OrganisationsController.php does not properly check for a valid logo upload...
CVE-2024-29858
CVE-2024-29858 affects MISP prior to 2.4.187. The issue is in the uploadLogo function (app/Controller/OrganisationsController.php) which does not properly validate uploaded logos, i.e., it does not correctly check for a valid logo file. This could lead to unsafe logo uploads. Remediation: upgrade...
PT-2024-23086 · Misp · Misp
Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.4.187
Description: The issue concerns a weak security check in the uploadLogo function within the OrganisationsController.php file. This function does not properly validate logo uploads.
Recommendations: For versions...