CVE-2024-46918

Published September 15th, 2024

View on NVD ↗

CVSS v3

4.9

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org admin from viewing sensitive login fields of another org admin in the same org.

MISP/MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

GitHub

6.38K