CVE-2023-47325: Silverpeas Core Broken Access Control on the "Bin" Allows Modification of Deleted Spaces

Information

Description: Broken access control on the administrative "Bin" allows low-privileged users to view and modify deleted spaces in Silverpeas Core.
Versions Affected: 6.3.1 and earlier
Version Fixed: 6.3.2
Researcher: Tyler Ramsbey (https://youtube.com/@TylerRamsbey)
Disclosure Link: https://rhinosecuritylabs.com/research/silverpeas-file-read-cves/
NIST CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2023-47325

Proof-of-Concept Exploit

Description

The administrative "Bin" feature (the list of deleted spaces, normally reachable only from the administration start page) in Silverpeas Core 6.3.1 is affected by broken access control: the request handler that renders the bin does not verify that the caller holds an administrative role. Any authenticated user, including one with the lowest privileges, can navigate directly to the bin URL, which reveals every deleted space. From that page the user can restore a space or delete it permanently, both of which are administrator-only actions.

Usage/Exploitation

To exploit this vulnerability, an authenticated low-privileged user needs only to navigate directly to this URL (replace `http://localhost:8080` with the target instance): http://localhost:8080/silverpeas/RjobStartPagePeas/jsp/ViewBin. No parameter tampering is required. The bin renders successfully, revealing all deleted spaces, and the user can then restore or permanently delete them through the page's own controls. To confirm the fix after upgrading to 6.3.2, repeat the same request with a non-administrator session and verify that the bin is no longer rendered.