Vulnerabilities > Misp Project > Malware Information Sharing Platform > 2.3.91

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-10	CVE-2022-42724	Incorrect Authorization vulnerability in Misp-Project Malware Information Sharing Platform app/Controller/UsersController.php in MISP before 2.4.164 allows attackers to discover role names (this is information that only the site admin should have). network low complexity misp-project CWE-863	4.3
2016-09-03	CVE-2015-5719	Insecure Temporary File Creation vulnerability in Malware Information Sharing Platform app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors. network low complexity misp-project critical	10.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.