2 matches found
Potential mismanaging of the access and roles
Lines of code Vulnerability details Impact In initiateMigration method we are setting migratedTo to an address of the potential migration contract Later on, if completeMigration is called, it basically checks if the provided oldContract is equal to migratedTo when we enter the migrateReward metho...
Default credentials
The adminedit function in app/Controller/UsersController.php in MISP 2.4.82 mishandles the enablepassword field, which allows admins to discover a hashed password by reading the audit log...