CVE-2025-66386
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.
More information : https://github.com/MISP/MISP/commit/7f4a0386d38672eddc139f5735d71c3b749623ce
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.
More information : https://github.com/MISP/MISP/commit/7f4a0386d38672eddc139f5735d71c3b749623ce