MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php, and app/Plugin/Assets/models/behaviors/LogableBehavior.php.
References
Configurations
History
No history.
Information
Published : 2023-02-20 04:15
Updated : 2024-02-28 19:51
NVD link : CVE-2022-48329
Mitre link : CVE-2022-48329
CVE.ORG link : CVE-2022-48329
JSON object : View
Products Affected
misp
- misp
CWE
CWE-755
Improper Handling of Exceptional Conditions