CVE-2020-28043 Information

Description

MISP through 2.4.133 allows SSRF in the REST client via the use_full_path parameter with an arbitrary URL.

Reference

https://github.com/MISP/MISP/commit/6e81c8ee8ad19576c055b5c4773f914b918f32be