GHSA-gxpp-9rc5-5w9wHighCVSS 7.5

In app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing group association could lead to...

Published
May 24, 2022
Last Modified
June 22, 2026

🔗 CVE IDs covered (1)

📋 Description

In app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing group association could lead to information disclosure on an event edit. When an object has a sharing group associated with an event edit, the sharing group object is ignored and instead the passed local ID is reused.

🔗 References (3)