MISP/app
iglocska afdcc1af0c Fixed a security issue with the CSRF protection being avoidable using some site admin functionality
- as discovered and reported by Egidio Romano of Minded Security

- Lacking checks of HTTP methods in some functionality could lead to a site admin uploading and executing malicious scripts

- Tightened HTTP method verification across the board for actions that modify data
- Turned some administrative tasks to POST only actions
2015-11-13 23:57:03 +01:00
Config Several bigger changes 2015-08-17 16:10:10 +02:00
Console Fixed an issue where the recorrelation of all events would run into memory issues 2015-09-24 10:36:02 +02:00
Controller Fixed a security issue with the CSRF protection being avoidable using some site admin functionality 2015-11-13 23:57:03 +01:00
Lib Fixes to several issues, fixes #693 2015-10-21 23:44:07 +02:00
Locale/eng/LC_MESSAGES
Model Fixed a security issue with the site admin file uploader 2015-11-13 23:48:29 +01:00
Plugin Improved logging, fixes #695 2015-11-08 22:35:46 +01:00
Test
Vendor
View Fixed a security issue with the CSRF protection being avoidable using some site admin functionality 2015-11-13 23:57:03 +01:00
files Export MISP tags as STIX journal entries 2015-08-31 12:55:42 +02:00
tmp
webroot Removed obsolete gitignore files, fixes #704 2015-11-03 17:06:21 +01:00
.htaccess
Makefile
index.php