Misp-Project: >> Malware Information Sharing Platform >> 2.3.91 Security Vulnerabilities
app/Controller/UsersController.php in MISP before 2.4.164 allows attackers to discover role names (this is information that only the site admin should have).
CVSS Score
4.3
EPSS Score
0.002
Published
2022-10-10
app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.
CVSS Score
9.8
EPSS Score
0.004
Published
2016-09-03
Page 2