Merge branch 'develop' into 2.4

2024-02-16 16:51:21 +01:00 · 2024-02-16 16:51:21 +01:00 · b2cb4faedc
parent 90126dc1dd 5ac9c995aa
commit b2cb4faedc
54 changed files with 134 additions and 58 deletions
--- a/.gitignore
+++ b/.gitignore
@ -82,6 +82,15 @@ app/Lib/EventWarning/Custom/*
 !/app/webroot/img/orgs/MISP.png
 !/app/webroot/img/orgs/NATO.png
 !/app/webroot/img/orgs/NCIRC.png
 /app/files/img/custom/*
 !/app/files/img/custom/empty
 !/app/files/img/orgs
 /app/files/img/orgs/*
 !/app/files/img/orgs/ADMIN.png
 !/app/files/img/orgs/MIL.be.png
 !/app/files/img/orgs/MISP.png
 !/app/files/img/orgs/NATO.png
 !/app/files/img/orgs/NCIRC.png
 /app/Config/bootstrap.php
 /app/Config/database.php
 /app/Config/core.php
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit c0077c19cf3843a65d5b26076dd26deca0405033
+Subproject commit 492cfba2d2ad015d3fcda6e16c221fdefd93eca2
--- a/VERSION.json
+++ b/VERSION.json
@ -1 +1 @@
-{"major":2, "minor":4, "hotfix":184}
+{"major":2, "minor":4, "hotfix":185}
--- a/app/Controller/AppController.php
+++ b/app/Controller/AppController.php
@ -34,7 +34,7 @@ class AppController extends Controller
    public $helpers = array('OrgImg', 'FontAwesome', 'UserName');
    private $__queryVersion = '158';
-    public $pyMispVersion = '2.4.184';
+    public $pyMispVersion = '2.4.185';
    public $phpmin = '7.2';
    public $phprec = '7.4';
    public $phptoonew = '8.0';
--- a/app/Controller/Component/RestResponseComponent.php
+++ b/app/Controller/Component/RestResponseComponent.php
@ -1052,7 +1052,7 @@ class RestResponseComponent extends Component
                'input' => 'radio',
                'type' => 'integer',
                'values' => array(1 => 'True', 0 => 'False' ),
-                'help' => __('Include deleted elements')
+                'help' => __('Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned')
            ),
            'delta_merge' => array(
                'input' => 'radio',
--- a/app/Controller/Component/RestSearchComponent.php
+++ b/app/Controller/Component/RestSearchComponent.php
@ -180,7 +180,10 @@ class RestSearchComponent extends Component
            'attackGalaxy',
            'object_relation',
            'metadata',
-            'includeAllTags'
+            'includeAllTags',
            'object_name',
            'object_template_uuid',
            'object_template_version'
        ],
        'Sighting' => [
            'context',
--- a/app/Controller/OrganisationsController.php
+++ b/app/Controller/OrganisationsController.php
@ -506,7 +506,7 @@ class OrganisationsController extends AppController
            }
            if (!empty($logo['tmp_name']) && is_uploaded_file($logo['tmp_name'])) {
-                return move_uploaded_file($logo['tmp_name'], APP . 'webroot/img/orgs/' . $filename);
+                return move_uploaded_file($logo['tmp_name'], APP . 'files/img/orgs/' . $filename);
            }
        }
--- a/app/Controller/ServersController.php
+++ b/app/Controller/ServersController.php
@ -1769,6 +1769,7 @@ class ServersController extends AppController
                $perm_sighting = isset($result['info']['perm_sighting']) ? $result['info']['perm_sighting'] : false;
                $local_version = $this->Server->checkMISPVersion();
                $version = explode('.', $result['info']['version']);
                $uuid = isset($result['info']['uuid']) ? $result['info']['uuid'] : '?';
                $mismatch = false;
                $newer = false;
                $parts = array('major', 'minor', 'hotfix');
@ -1804,6 +1805,7 @@ class ServersController extends AppController
                    'response_encoding' => isset($result['post']['content-encoding']) ? $result['post']['content-encoding'] : null,
                    'request_encoding' => isset($result['info']['request_encoding']) ? $result['info']['request_encoding'] : null,
                    'client_certificate' => $result['client_certificate'],
                    'uuid' => $uuid,
                ], 'json');
            } else {
                $result['status'] = 3;
@ -1887,6 +1889,7 @@ class ServersController extends AppController
            'perm_sync' => (bool) $user['Role']['perm_sync'],
            'perm_sighting' => (bool) $user['Role']['perm_sighting'],
            'perm_galaxy_editor' => (bool) $user['Role']['perm_galaxy_editor'],
            'uuid' => $user['Role']['perm_sync'] ? Configure::read('MISP.uuid') : '-',
            'request_encoding' => $this->CompressedRequestHandler->supportedEncodings(),
            'filter_sightings' => true, // check if Sightings::filterSightingUuidsForPush method is supported
        ];
--- a/app/Locale/ara/LC_MESSAGES/default.po
+++ b/app/Locale/ara/LC_MESSAGES/default.po
@ -14679,7 +14679,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/cze/LC_MESSAGES/default.po
+++ b/app/Locale/cze/LC_MESSAGES/default.po
@ -14651,7 +14651,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/dan/LC_MESSAGES/default.po
+++ b/app/Locale/dan/LC_MESSAGES/default.po
@ -14624,7 +14624,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/default.pot
+++ b/app/Locale/default.pot
@ -15934,7 +15934,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/deu/LC_MESSAGES/default.po
+++ b/app/Locale/deu/LC_MESSAGES/default.po
@ -14622,7 +14622,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/fra/LC_MESSAGES/default.po
+++ b/app/Locale/fra/LC_MESSAGES/default.po
@ -14626,7 +14626,7 @@ msgstr "Par défaut (0), tout les attributs qui correspondent aux autres paramè
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr "Si le paramètre est défini à 1, cela va retourner les attributs mis à la corbeille ainsi que les attributs actifs. En utilisant \"only\" en tant que paramètre, cela va seulement retourner les données mises à la corbeille."
 #: View/Events/automation.ctp:68
--- a/app/Locale/hun/LC_MESSAGES/default.po
+++ b/app/Locale/hun/LC_MESSAGES/default.po
@ -14622,7 +14622,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/ita/LC_MESSAGES/default.po
+++ b/app/Locale/ita/LC_MESSAGES/default.po
@ -14625,7 +14625,7 @@ msgstr "Per impostazione predefinita (0) tutti gli attributi restituiti rispondo
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr "Se questo parametro è impostato a 1, verranno restituiti attributi \"soft-deleted\" insieme a quelli attivi. Utilizzando \"only\" come parametro verranno restituiti solo gli attributi \"soft-deleted\"."
 #: View/Events/automation.ctp:68
--- a/app/Locale/jpn/LC_MESSAGES/default.po
+++ b/app/Locale/jpn/LC_MESSAGES/default.po
@ -14608,7 +14608,7 @@ msgstr "デフォルトの (0) では、to_ids の設定に関係なく、他の
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr "このパラメーターを 1 に設定すると、ソフト削除されたアトリビュートがアクティなアトリビュートと共に返されます。\"only\"をパラメーターとして使用すると、返されるデータはソフト削除されたデータのみに制限されます。"
 #: View/Events/automation.ctp:68
--- a/app/Locale/kor/LC_MESSAGES/default.po
+++ b/app/Locale/kor/LC_MESSAGES/default.po
@ -14609,7 +14609,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/no/LC_MESSAGES/default.po
+++ b/app/Locale/no/LC_MESSAGES/default.po
@ -14625,7 +14625,7 @@ msgstr "Som standard (0) returneres alle attributter som samsvarer med de andre
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr "Hvis denne parameteren er satt til 1, vil den returnere myke slettede attributter sammen med aktive. Ved å bruke \"only\" som en parameter, vil det begrense det returnerte datasettet til bare slettede data."
 #: View/Events/automation.ctp:68
--- a/app/Locale/pol/LC_MESSAGES/default.po
+++ b/app/Locale/pol/LC_MESSAGES/default.po
@ -14651,7 +14651,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/pt/LC_MESSAGES/default.po
+++ b/app/Locale/pt/LC_MESSAGES/default.po
@ -7964,7 +7964,7 @@ msgstr ""
 #: View/Events/automation.ctp:42
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:43
--- a/app/Locale/pt_BR/LC_MESSAGES/default.po
+++ b/app/Locale/pt_BR/LC_MESSAGES/default.po
@ -14623,7 +14623,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/ro/LC_MESSAGES/default.po
+++ b/app/Locale/ro/LC_MESSAGES/default.po
@ -14636,7 +14636,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/rus/LC_MESSAGES/default.po
+++ b/app/Locale/rus/LC_MESSAGES/default.po
@ -14650,7 +14650,7 @@ msgstr "По-умолчанию (а также при значении 0) в п
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr "По-умолчанию (а также при значении 0) в поиск попадают только активные атрибуты. Если параметр равен 1, то в поиск попадут дополнительно удаленные атрибуты. Если используется ключевое слово \"only\", то в результаты поиска попадут только удаленные атрибуты. "
 #: View/Events/automation.ctp:68
--- a/app/Locale/si-LK/LC_MESSAGES/default.po
+++ b/app/Locale/si-LK/LC_MESSAGES/default.po
@ -14638,7 +14638,7 @@ msgstr "පෙරනිමියෙන් (0) to_ids සිටුවම් න
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr "මෙම පරාමිතිය 1 ලෙස සකසා ඇත්නම්, එය සක්‍රිය ඒවා සමඟ මෘදු-මකා දැමූ ගුණාංග ලබා දෙනු ඇත. පරාමිතියක් ලෙස \"පමණක්\" භාවිතා කිරීමෙන් එය ආපසු ලබා දෙන දත්ත කට්ටලය මෘදු-මකා දැමූ දත්ත වලට පමණක් සීමා කරයි."
 #: View/Events/automation.ctp:68
--- a/app/Locale/spa/LC_MESSAGES/default.po
+++ b/app/Locale/spa/LC_MESSAGES/default.po
@ -14624,7 +14624,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/swe/LC_MESSAGES/default.po
+++ b/app/Locale/swe/LC_MESSAGES/default.po
@ -10898,7 +10898,7 @@ msgstr ""
 #: View/Events/automation.ctp:52
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:53
--- a/app/Locale/th_TH/LC_MESSAGES/default.po
+++ b/app/Locale/th_TH/LC_MESSAGES/default.po
@ -14620,7 +14620,7 @@ msgstr ""
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:68
--- a/app/Locale/ukr/LC_MESSAGES/default.po
+++ b/app/Locale/ukr/LC_MESSAGES/default.po
@ -6030,7 +6030,7 @@ msgid "By default (0) all attributes are returned that match the other filter pa
 msgstr ""
 #: View/Events/automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr ""
 #: View/Events/automation.ctp:316
--- a/app/Locale/zh-s/LC_MESSAGES/default.po
+++ b/app/Locale/zh-s/LC_MESSAGES/default.po
@ -14619,7 +14619,7 @@ msgstr "默认情况下(0), 返回所有与其他过滤器参数匹配的属性,
 #: View/Events/automation.ctp:67
 #: View/Events/legacy_automation.ctp:315
-msgid "If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using \"only\" as a parameter it will limit the returned data set to soft-deleted data only."
+msgid "Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned."
 msgstr "如果这个参数被设置为1, 它将返回软删除的属性和活动属性. 如果使用\"only\"作为参数, 则返回的数据集将只限于软删除的数据."
 #: View/Events/automation.ctp:68
--- a/app/Model/AppModel.php
+++ b/app/Model/AppModel.php
@ -27,6 +27,7 @@ App::uses('FileAccessTool', 'Tools');
 App::uses('JsonTool', 'Tools');
 App::uses('RedisTool', 'Tools');
 App::uses('BetterCakeEventManager', 'Tools');
 App::uses('Folder', 'Utility');
 class AppModel extends Model
 {
@ -86,7 +87,7 @@ class AppModel extends Model
        99 => false, 100 => false, 101 => false, 102 => false, 103 => false, 104 => false,
        105 => false, 106 => false, 107 => false, 108 => false, 109 => false, 110 => false,
        111 => false, 112 => false, 113 => true, 114 => false, 115 => false, 116 => false,
-        117 => false, 118 => false, 119 => false,
+        117 => false, 118 => false, 119 => false, 120 => false
    );
    const ADVANCED_UPDATES_DESCRIPTION = array(
@ -272,6 +273,9 @@ class AppModel extends Model
                $this->removeDuplicatedUUIDs();
                $dbUpdateSuccess = $this->updateDatabase('createUUIDsConstraints');
                break;
            case 120:
                $dbUpdateSuccess = $this->moveImages();
                break;
            default:
                $dbUpdateSuccess = $this->updateDatabase($command);
                break;
@ -4076,4 +4080,32 @@ class AppModel extends Model
    {
        return preg_match('/^[\w\_\-\. ]+$/', $param);
    }
    public function moveImages()
    {
        $oldImageDir = APP . 'webroot/img';
        $newImageDir = APP . 'files/img';
        $oldOrgDir = new Folder($oldImageDir . '/orgs');
        $oldCustomDir = new Folder($oldImageDir . '/custom');
        $result = false;
        $result = $oldOrgDir->copy([
            'from' => $oldImageDir . '/orgs',
            'to' => $newImageDir . '/orgs',
            'scheme' => Folder::OVERWRITE,
            'recursive' => true
        ]);
        if ($result) {
            $oldOrgDir->delete();
        }
        $result = $oldCustomDir->copy([
            'from' => $oldImageDir . '/custom',
            'to' => $newImageDir . '/custom',
            'scheme' => Folder::OVERWRITE,
            'recursive' => true
        ]);
        if ($result) {
            $oldCustomDir->delete();
        }
        return true;
    }
 }
--- a/app/Model/Attribute.php
+++ b/app/Model/Attribute.php
@ -2402,11 +2402,15 @@ class Attribute extends AppModel
                $timestamp[0] = $timestamp[1];
                $timestamp[1] = $temp;
            }
-            $conditions['AND'][] = array($scope . ' >=' => $timestamp[0]);
+            if ($timestamp[0] != 0) {
                $conditions['AND'][] = array($scope . ' >=' => $timestamp[0]);
            }
            $conditions['AND'][] = array($scope . ' <=' => $timestamp[1]);
        } else {
            $timestamp = $this->resolveTimeDelta($timestamp);
-            $conditions['AND'][] = array($scope . ' >=' => $timestamp);
+            if ($timestamp !== 0) {
                $conditions['AND'][] = array($scope . ' >=' => $timestamp);
            }
        }
        if ($returnRaw) {
            return $timestamp;
@ -2428,7 +2432,7 @@ class Attribute extends AppModel
            $conditions['AND'][] = array($scope . ' <=' => $timestamp[1]);
        } else {
            $timestamp = intval($this->resolveTimeDelta($timestamp)) * 1000000; // seen in stored in micro-seconds in the DB
-            if ($scope == 'Attribute.first_seen') {
+            if ($scope == 'Attribute.first_seen' || $scope == 'Object.first_seen') {
                $conditions['AND'][] = array($scope . ' >=' => $timestamp);
            } else {
                $conditions['AND'][] = array($scope . ' <=' => $timestamp);
--- a/app/Model/Sighting.php
+++ b/app/Model/Sighting.php
@ -1102,8 +1102,12 @@ class Sighting extends AppModel
                $conditions['Attribute.uuid'] = $filters['uuid'];
                $contain[] = 'Attribute';
            } elseif ($filters['context'] === 'event') {
-                $conditions['Event.uuid'] = $filters['uuid'];
+                $temp = $this->Event->find('column', [
-                $contain[] = 'Event';
+                    'recursive' => -1,
                    'fields' => ['Event.id'],
                    'conditions' => ['Event.uuid IN' => $filters['uuid']]
                ]);
                $conditions['Sighting.event_id'] = empty($temp) ? -1 : $temp;
            }
        }
@ -1131,15 +1135,30 @@ class Sighting extends AppModel
        $tmpfile = new TmpFileTool();
        $tmpfile->write($exportTool->header($exportToolParams));
        $separator = $exportTool->separator($exportToolParams);
-
+        
        // fetch sightings matching the query without ACL checks
-        $sightingIds = $this->find('column', [
+        if (!empty($conditions['Sighting.event_id']) && is_array($conditions['Sighting.event_id'])) {
-            'conditions' => $conditions,
+            $conditions_copy = $conditions;
-            'fields' => ['Sighting.id'],
+            $sightingIds = [];
-            'contain' => $contain,
+            foreach ($conditions['Sighting.event_id'] as $e_id) {
-            'order' => 'Sighting.id',
+                $conditions_copy['Sighting.event_id'] = $e_id;
-        ]);
+                $tempIds = $this->find('column', [
-
+                    'conditions' => $conditions,
                    'fields' => ['Sighting.id'],
                    'contain' => $contain
                ]);
                if (!empty($tempIds)) {
                    $sightingIds = array_merge($sightingIds, $tempIds);
                }
            }
        } else {
            $sightingIds = $this->find('column', [
                'conditions' => $conditions,
                'fields' => ['Sighting.id'],
                'contain' => $contain
            ]);
        }
        foreach (array_chunk($sightingIds, 500) as $chunk) {
            // fetch sightings with ACL checks and sighting policies
            $sightings = $this->getSightings($user, $chunk, $includeEvent, $includeAttribute, $includeUuid);
--- a/app/View/Events/automation.ctp
+++ b/app/View/Events/automation.ctp
@ -64,7 +64,7 @@
                "published" => __('Set whether published or unpublished events should be returned. Do not set the parameter if you want both.'),
                "enforceWarninglist" => __('Remove any attributes from the result that would cause a hit on a warninglist entry.'),
                "to_ids" => __('By default (0) all attributes are returned that match the other filter parameters, regardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. You can only use the special "exclude" setting to only return attributes that have the to_ids flag disabled.'),
-                "deleted" => __('If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using "only" as a parameter it will limit the returned data set to soft-deleted data only.'),
+                "deleted" => __('Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned.'),
                "includeEventUuid" => __('Instead of just including the event ID, also include the event UUID in each of the attributes.'),
                "event_timestamp" => __('Only return attributes from events that have received a modification after the given timestamp. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).'),
                "sgReferenceOnly" => __('If this flag is set, sharing group objects will not be included, instead only the sharing group ID is set.'),
--- a/app/View/Events/legacy_automation.ctp
+++ b/app/View/Events/legacy_automation.ctp
@ -312,7 +312,7 @@
    <b>timestamp</b>: <?php echo __('Restrict the results by the timestamp (of the attribute). Any attributes with a timestamp newer than the given timestamp will be returned.');?><br />
    <b>enforceWarninglist</b>: <?php echo __('Remove any attributes from the result that would cause a hit on a warninglist entry.');?><br />
    <b>to_ids</b>: <?php echo __('By default (0) all attributes are returned that match the other filter parameters, irregardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. You can only use the special "exclude" setting to only return attributes that have the to_ids flag disabled.'); ?> <br />
-    <b>deleted</b>: <?php echo __('If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using "only" as a parameter it will limit the returned data set to soft-deleted data only.'); ?> <br />
+    <b>deleted</b>: <?php echo __('Default value 0. If set to 1, only soft-deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned.'); ?> <br />
    <b>includeEventUuid</b>: <?php echo __('Instead of just including the event ID, also include the event UUID in each of the attributes.'); ?> <br />
    <b>event_timestamp</b>: <?php echo __('Only return attributes from events that have received a modification after the given timestamp.'); ?> <br /><br />
    <p>For example, to get all attributes of events modified after a given timestamp, simply POST to:</p>
--- a/app/View/Helper/OrgImgHelper.php
+++ b/app/View/Helper/OrgImgHelper.php
@ -1,10 +1,11 @@
 <?php
 App::uses('AppHelper', 'View/Helper');
 App::uses('FileAccessTool', 'Lib/Tools');
 // Helper to retrieve org images with the given parameters
 class OrgImgHelper extends AppHelper
 {
-    const IMG_PATH = APP . WEBROOT_DIR . DS . 'img' . DS . 'orgs' . DS;
+    const IMG_PATH = APP . 'files' . DS . 'img' . DS . 'orgs' . DS;
    /** @var array */
    private $imageCache = [];
@ -55,9 +56,9 @@ class OrgImgHelper extends AppHelper
        if ($orgImgName) {
            $size = !empty($options['size']) ? $options['size'] : 48;
            $result = sprintf(
-                '<img src="%s/img/orgs/%s" title="%s" width="%s" height="%s">',
+                '<img src="data:image/%s;base64,%s" title="%s" width="%s" height="%s">',
-                $baseurl,
+                'png',
-                $orgImgName,
+                base64_encode(FileAccessTool::readFromFile(self::IMG_PATH . $orgImgName)),
                isset($options['name']) ? h($options['name']) : h($options['id']),
                (int)$size,
                (int)$size
--- a/app/webroot/img/orgs/ADMIN.png
+++ b/app/webroot/img/orgs/ADMIN.png
--- a/app/webroot/img/orgs/CERT.at.png
+++ b/app/webroot/img/orgs/CERT.at.png
--- a/app/webroot/img/orgs/CERTat.png
+++ b/app/webroot/img/orgs/CERTat.png
--- a/app/webroot/img/orgs/CIRCL.png
+++ b/app/webroot/img/orgs/CIRCL.png
--- a/app/webroot/img/orgs/MIL.be.png
+++ b/app/webroot/img/orgs/MIL.be.png
--- a/app/webroot/img/orgs/MISP.png
+++ b/app/webroot/img/orgs/MISP.png
--- a/app/webroot/img/orgs/NATO.png
+++ b/app/webroot/img/orgs/NATO.png
--- a/app/webroot/img/orgs/NCIRC.png
+++ b/app/webroot/img/orgs/NCIRC.png
--- a/app/webroot/img/orgs/RISKIQ.png
+++ b/app/webroot/img/orgs/RISKIQ.png
--- a/app/files/img/orgs/empty
+++ b/app/files/img/orgs/empty
--- a/app/files/misp-galaxy
+++ b/app/files/misp-galaxy
@ -1 +1 @@
-Subproject commit effee963cc216bf469f76d5c07fcc43299199cdf
+Subproject commit 7e8d57e741ee1ba6e764c1a5e0ba236fc2f64126
--- a/app/files/misp-objects
+++ b/app/files/misp-objects
@ -1 +1 @@
-Subproject commit 3ac509965fdbca06d8a027db22c0064588babd3c
+Subproject commit 3d12addd56d6e5d00cddcc19cb8a788e7f90c46c
--- a/app/files/scripts/misp-stix
+++ b/app/files/scripts/misp-stix
@ -1 +1 @@
-Subproject commit daaee3ac5cad8f0d182d25658860aee0b5cabed6
+Subproject commit 260920bf7c9d8f678b0d69730acb17e9a34811f2
--- a/app/files/taxonomies
+++ b/app/files/taxonomies
@ -1 +1 @@
-Subproject commit 3d61b20e7ee8bca21f9bffe53c0952c54a6b72b0
+Subproject commit 8cd705ba6200bdd42c0b9565e108b7aaf88db6ac
--- a/app/files/warninglists
+++ b/app/files/warninglists
@ -1 +1 @@
-Subproject commit f718ecd826e0cc7f956b4939fc7914d9d23d4388
+Subproject commit 80eb7028f9de974d7f163a7563e66b582f61cec0
--- a/app/webroot/doc/openapi.yaml
+++ b/app/webroot/doc/openapi.yaml
@ -2908,7 +2908,7 @@ components:
        to_ids:
          $ref: "#/components/schemas/ToIDSRestSearchFlag"
        deleted:
-          $ref: "#/components/schemas/SoftDeletedFlag"
+          $ref: "#/components/schemas/SoftDeletedFlagValuesToInclude"
        event_timestamp:
          $ref: "#/components/schemas/Timestamp"
        threat_level_id:
@ -5433,6 +5433,11 @@ components:
      type: boolean
      default: false
    SoftDeletedFlagValuesToInclude:
      description: 'Whether to include soft-deleted attributes. Default value 0. If set to 1, only deleted attributes will be returned. If set to [0,1], both deleted and non-deleted attributes wil be returned.'
      type: boolean
      default: false
    PublishedFlag:
      type: boolean
      default: false
@ -6469,7 +6474,7 @@ components:
              to_ids:
                $ref: "#/components/schemas/ToIDS"
              deleted:
-                $ref: "#/components/schemas/SoftDeletedFlag"
+                $ref: "#/components/schemas/SoftDeletedFlagValuesToInclude"
              excludeLocalTags:
                $ref: "#/components/schemas/ExcludeLocalTagsRestSearchFilter"
              date:
--- a/db_schema.json
+++ b/db_schema.json
@ -9702,5 +9702,5 @@
            "uuid": false
        }
    },
-    "db_version": "119"
+    "db_version": "120"
-}
+}
--- a/requirements.txt
+++ b/requirements.txt
@ -6,7 +6,7 @@ misp-lib-stix2>=3.0.1.1
 mixbox>=1.0.5
 plyara>=2.1.1
 pydeep2>=0.5.1
-pymisp==2.4.184
+pymisp==2.4.185
 python-magic>=0.4.27
 pyzmq>=25.1.1
 redis>=5.0.1
		`@ -1 +1 @@`
			`Subproject commit c0077c19cf3843a65d5b26076dd26deca0405033`				`Subproject commit 492cfba2d2ad015d3fcda6e16c221fdefd93eca2`
`@ -1 +1 @@`
	`{"major":2, "minor":4, "hotfix":184}`	`{"major":2, "minor":4, "hotfix":185}`
		`@ -1 +1 @@`
			`Subproject commit effee963cc216bf469f76d5c07fcc43299199cdf`				`Subproject commit 7e8d57e741ee1ba6e764c1a5e0ba236fc2f64126`
		`@ -1 +1 @@`
			`Subproject commit 3ac509965fdbca06d8a027db22c0064588babd3c`				`Subproject commit 3d12addd56d6e5d00cddcc19cb8a788e7f90c46c`
		`@ -1 +1 @@`
			`Subproject commit daaee3ac5cad8f0d182d25658860aee0b5cabed6`				`Subproject commit 260920bf7c9d8f678b0d69730acb17e9a34811f2`
		`@ -1 +1 @@`
			`Subproject commit 3d61b20e7ee8bca21f9bffe53c0952c54a6b72b0`				`Subproject commit 8cd705ba6200bdd42c0b9565e108b7aaf88db6ac`
		`@ -1 +1 @@`
			`Subproject commit f718ecd826e0cc7f956b4939fc7914d9d23d4388`				`Subproject commit 80eb7028f9de974d7f163a7563e66b582f61cec0`