Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in "Maintenance Mode" due to broken access control. This makes the application unavailable to all users. This affects Silverpeas Core 6.3.1 and below.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HSilverpeas
APPSilverpeas< 6.3.2
Powiązane podatności
Silverpeas – pomijanie wymagań złożoności hasła przy jego zmianie
Silverpeas – pominięcie hasła umożliwia dostęp jako superadmin (Auth Bypass)
Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be tr...
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via t...
The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading t...