CVE-2021-31780

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
23/04/2021
Last modified:
22/06/2026

Description

In app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing group association could lead to information disclosure on an event edit. When an object has a sharing group associated with an event edit, the sharing group object is ignored and instead the passed local ID is reused.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:misp-project:misp:2.4.141:*:*:*:*:*:*:*