exploitDog

CVE-2023-47325

Опубликовано: 13 дек. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Silverpeas Core 6.3.1 administrative "Bin" feature is affected by broken access control. A user with low privileges is able to navigate directly to the bin, revealing all deleted spaces. The user can then restore or permanently delete the spaces.

Ссылки

http://silverpeas.com
Product
https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47325
Exploit
Third Party Advisory
http://silverpeas.com
Product
https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47325
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*

Версия до 6.3.2 (исключая)

EPSS

Процентиль: 42%

0.00198

Низкий

5.4 Medium

CVSS3

Дефекты

NVD-CWE-Other

CWE-284

Связанные уязвимости

GHSA-42g3-3jwm-63rx

CVSS3: 5.4

github

около 2 лет назад

Broken access control in Silverpeas

EPSS

Процентиль: 42%

0.00198

Низкий

5.4 Medium

CVSS3

Дефекты

NVD-CWE-Other

CWE-284