CVE-2021-25323

Published January 19th, 2021

View on NVD ↗

CVSS v3

9.1

CRITICAL

CVSS v2

6.4

MEDIUM

Affected

PROJECT

Description

The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password.

MISP/MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

GitHub

6.38K