Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-whgv-6j78-5rh2: Broken access control in Silverpeas

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in “Maintenance Mode” due to broken access control. This makes the application unavailable to all users. This affects Silverpeas Core 6.3.1 and below.

ghsa
Open in Source
#git

Broken access control in Silverpeas

Low severity GitHub Reviewed Published Dec 13, 2023 to the GitHub Advisory Database • Updated Dec 13, 2023

Related news

CVE-2023-47320: Plateforme collaborative - open source Silverpeas est votre logiciel intranet

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in "Maintenance Mode" due to broken access control. This makes the application unavailable to all users. This affects Silverpeas Core 6.3.1 and below.

ghsa: Latest News

GHSA-pj33-75x5-32j4: RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission
ghsa