Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-g27c-w2v7-88xp: Cross Site Request Forgery in Silverpeas

The “userModify” feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation. If an administrator goes to a malicious URL while being authenticated to the Silverpeas application, the CSRF with execute making the attacker an administrator user in the application.

ghsa
#csrf#git#auth

Cross Site Request Forgery in Silverpeas

Moderate severity GitHub Reviewed Published Dec 13, 2023 to the GitHub Advisory Database • Updated Dec 13, 2023

ghsa: Latest News

GHSA-fpm5-2wcj-vfr7: codechecker authentication method confusion vulnerability allows logging in as the built-in root user from an external service