CVE-2019-19379

Name of the Vulnerable Software and Affected Versions MISP version 2.4.118

Description The issue allows users to bypass intended restrictions on tagging data in the TagsController.php file, located in the app/Controller directory.

Recommendations For MISP version 2.4.118, consider restricting access to the TagsController.php file until a patch is available. As a temporary workaround, review and limit user permissions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.