PHP Object Injection Vulnerability in MISP before 2.3.90

PHP Object Injection Vulnerability in MISP before 2.3.90

CVE-2015-5721 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Malware Information Sharing Platform (MISP) before 2.3.90 allows remote attackers to conduct PHP object injection attacks via crafted serialized data, related to TemplatesController.php and populate_event_from_template_attributes.ctp.

Learn more about our Web Application Penetration Testing UK.