{"id":"CVE-2021-27904","details":"An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation of Sharing Groups, the \"all org\" flag sometimes provided view access to unintended actors.","modified":"2026-05-17T03:54:29.292587408Z","published":"2021-03-02T07:15:12.760Z","database_specific":{},"references":[{"type":"FIX","url":"https://github.com/MISP/MISP/commit/ca13fee271ad126832c88896776f3050a6c06e64"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}