4
CVSSv2

CVE-2020-15412

Published: 30/06/2020 Updated: 07/07/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Vulnerability Summary

An issue exists in MISP 2.4.128. app/Controller/EventsController.php lacks an event ACL check before proceeding to allow a user to send an event contact form.

Vulnerability Trend

Affected Products

Vendor Product Versions
MispMisp2.4.128