CVE-2024-46918

Published: Sep 15, 2024

Modified: Mar 13, 2025

PUBLISHED

Description

app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org admin from viewing sensitive login fields of another org admin in the same org.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/MISP/MISP/commit/3a5227d7b3d4518ac109af61979a00145a0de6fa

https://github.com/MISP/MISP/compare/v2.4.197...v2.4.198

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-46918

Description

Affected Products

References