mirror of https://github.com/MISP/MISP
afdcc1af0c
- as discovered and reported by Egidio Romano of Minded Security - Lacking checks of HTTP methods in some functionality could lead to a site admin uploading and executing malicious scripts - Tightened HTTP method verification across the board for actions that modify data - Turned some administrative tasks to POST only actions |
||
---|---|---|
.. | ||
Component | ||
AppController.php | ||
AttributesController.php | ||
EventBlacklistsController.php | ||
EventsController.php | ||
JobsController.php | ||
LogsController.php | ||
PagesController.php | ||
PostsController.php | ||
RegexpController.php | ||
RolesController.php | ||
ServersController.php | ||
ShadowAttributesController.php | ||
TagsController.php | ||
TasksController.php | ||
TemplateElementsController.php | ||
TemplatesController.php | ||
ThreadsController.php | ||
UsersController.php | ||
WhitelistsController.php |