7 matches found
CVE-2025-66386
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin...
CVE-2025-66386
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin...
CVE-2025-66386
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin...
CVE-2025-66386
Vulnerability summary for CVE-2025-66386: In MISP up to version 2.5.27, the file app/Model/EventReport.php is vulnerable to a path traversal condition when a site-admin views a picture, enabling navigation outside the intended directory. Affected product: MISP (before 2.5.27). Root cause: path tr...
PT-2025-48318
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin...
EUVD-2025-199867
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin...
CVE-2025-66386
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin...