CVE-2022-48329
on github
Published
Severity
CVSS v3:
9.8 CRITICAL
CVSS v2:
N/A
Description
MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php, and app/Plugin/Assets/models/behaviors/LogableBehavior.php.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:misp:misp:*:*:*:*:*:*:*:* | n/a | 2.4.166 | * |