CVE-2024-29858
CRITICALDescription
In MISP before 2.4.187, __uploadLogo in app/Controller/OrganisationsController.php does not properly check for a valid logo upload.
Is your site exposed to CVE-2024-29858?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| misp | misp |
References
Frequently Asked Questions
What is CVE-2024-29858? +
How severe is CVE-2024-29858? +
What products are affected by CVE-2024-29858? +
How do I check if I'm vulnerable to CVE-2024-29858? +
Related Vulnerabilities
An issue in Beijing Panabit Network Software Co., Ltd Panalog big data analysis platform v. 20240323 and before allows attackers …
File Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an attacker to obtain …
UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. A vulnerability exists in the Create …
File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticated attacker to upload arbitrary files, …
Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 accepts the default Thundercomm TurboX 6490 Firehose loader in EDL/QDL mode. This …
An issue was discovered in MISP before 2.4.184. Organisation logo upload is insecure because of a lack of checks for …