CVE-2020-29006

CVE-2020-29006

EPSS 1.2%

MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and app/Model/GalaxyElement.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/MISP/MISP/commit/423750573d07f1a463f115ef37182c1825080da4 https://github.com/MISP/MISP/compare/v2.4.134...v2.4.135