CVE-2024-45509 Information

Description

In MISP through 2.4.196 app/Controller/BookmarksController.php does not properly restrict access to bookmarks data in the case where the user is not an org admin.

Reference

https://github.com/MISP/MISP/commit/3f3b9a574f349182a545636e12efa39267e9db04