2021-01-19 15:30:35
mitre
PUBLISHED
The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password.