CVE-2018-8949

CVE-2018-8949

An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event (without attribute UUIDs but attribute IDs set) could overwrite an existing attribute.

Source: CVE-2018-8949

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다