Описание
Broken access control in Silverpeas
The "Create a Space" feature in Silverpeas Core 6.3.1 is reserved for use by administrators. This function suffers from broken access control, allowing any authenticated user to create a space by navigating to the correct URL.
Пакеты
Наименование
org.silverpeas.core:silverpeas-core-web
maven
Затронутые версииВерсия исправления
< 6.3.2
6.3.2
Связанные уязвимости
CVSS3: 4.3
nvd
около 2 лет назад
The "Create a Space" feature in Silverpeas Core 6.3.1 is reserved for use by administrators. This function suffers from broken access control, allowing any authenticated user to create a space by navigating to the correct URL.