CVE-2023-47320

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-47320

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-47320.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-47320

Aliases

GHSA-whgv-6j78-5rh2

Published

2023-12-13T14:15:44Z

Modified

2024-09-02T20:55:32Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVSS Calculator

Summary

[none]

Details

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in "Maintenance Mode" due to broken access control. This makes the application unavailable to all users. This affects Silverpeas Core 6.3.1 and below.

References

Affected packages

Git / github.com/silverpeas/silverpeas-core

Affected ranges

Type: GIT
Repo: https://github.com/silverpeas/silverpeas-core
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

be7d7d580572c31f28e80e84dc3813c4ae6f6bd2