CVE-2025-66386 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.
Medium CVSS: 4.1

CVE-2025-66386

app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.
Vendor
-
Product
-
CWE
CWE-23
Yayın Tarihi
2025-11-28 07:15:59
Güncelleme
2025-12-01 15:39:33
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-23 MEDIUM 2025

Referanslar

https://github.com/MISP/MISP/commit/7f4a0386d38672eddc139f5735d71c3b749623ce https://github.com/MISP/MISP/compare/v2.5.26...v2.5.27