Описание
Broken access control in Silverpeas
Silverpeas Core 6.3.1 administrative "Bin" feature is affected by broken access control. A user with low privileges is able to navigate directly to the bin, revealing all deleted spaces. The user can then restore or permanently delete the spaces.
Пакеты
Наименование
org.silverpeas.core:silverpeas-core-web
maven
Затронутые версииВерсия исправления
< 6.3.2
6.3.2
Связанные уязвимости
CVSS3: 5.4
nvd
около 2 лет назад
Silverpeas Core 6.3.1 administrative "Bin" feature is affected by broken access control. A user with low privileges is able to navigate directly to the bin, revealing all deleted spaces. The user can then restore or permanently delete the spaces.