CVE-2024-25674
on github
Published
Severity
CVSS v3:
9.8 CRITICAL
CVSS v2:
N/A
Description
An issue was discovered in MISP before 2.4.184. Organisation logo upload is insecure because of a lack of checks for the file extension and MIME type.
References
Configurations
| CPE23 | Version Start | Version End | Exact Version |
|---|---|---|---|
| cpe:2.3:a:misp:misp:*:*:*:*:*:*:*:* | n/a | 2.4.184 | * |