{"id":79682,"date":"2026-06-13T00:25:53","date_gmt":"2026-06-12T20:55:53","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-54397-misp-event-editing-allows-unauthorized-assignment-to-undisclosed-sharing-groups\/"},"modified":"2026-06-13T00:25:53","modified_gmt":"2026-06-12T20:55:53","slug":"cve-2026-54397-misp-event-editing-allows-unauthorized-assignment-to-undisclosed-sharing-groups","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-54397-misp-event-editing-allows-unauthorized-assignment-to-undisclosed-sharing-groups\/","title":{"rendered":"CVE-2026-54397 &#8211; MISP event editing allows unauthorized assignment to undisclosed sharing groups"},"content":{"rendered":"<p>CVE ID :CVE-2026-54397<\/p>\n<p>  Published : June 12, 2026, 8:55 p.m. | 27\u00a0minutes ago<\/p>\n<p>  Description :A vulnerability in MISP\u2019s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event\u2019s sharing_group_id to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the non-REST save path accepted the submitted sharing_group_id without performing the same sharing group authorization check enforced by the REST edit path.<\/p>\n<p>An attacker could exploit this by tampering with the event edit request and assigning an event to an undisclosed or unauthorized sharing group. This could result in unauthorized use of restricted sharing groups, disclosure of the sharing group name in event listings, and unintended modification of the event\u2019s distribution metadata.<\/p>\n<p>The issue is fixed by validating that the selected sharing group can be used by the current user when the sharing group is changed, and by clearing sharing_group_id when the event distribution is not set to sharing group distribution.<\/p>\n<p>  Severity: 6.1 | MEDIUM<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-54397 Published : June 12, 2026, 8:55 p.m. | 27\u00a0minutes ago Description :A vulnerability in MISP\u2019s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event\u2019s sharing_group_id to a sharing group they were not authorized to use. When distribution was set &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-79682","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/79682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=79682"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/79682\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=79682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=79682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=79682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}