MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [security] restrict setting to cli only. enabling this setting could allow potential ssrf attacks, as reported by Ianis BERNARD - NATO Cyber Security Centre

pull/8227/head
Luciano Righetti 2022-03-17 15:55:10 +01:00
parent 07b091778a
commit 8dcf414340
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/Model/Server.php
View File

@ -5867,7 +5867,8 @@ class Server extends AppModel
'value' => false,
'test' => 'testBool',
'type' => 'boolean',
'null' => true
'null' => true,
'cli_only' => 1
),
'rest_client_baseurl' => array(
'level' => 1,