CVE-2023-47325

medium

Description

Silverpeas Core 6.3.1 administrative "Bin" feature is affected by broken access control. A user with low privileges is able to navigate directly to the bin, revealing all deleted spaces. The user can then restore or permanently delete the spaces.

References

https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47325

http://silverpeas.com

Details

Source: Mitre, NVD

Published: 2023-12-13

Updated: 2025-05-22

Risk Information

CVSS v2

Base Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N