CVE-2023-47322
Published
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation. If an administrator goes to a malicious URL while being authenticated to the Silverpeas application, the CSRF with execute making the attacker an administrator user in the application.
Proof-of-Concept exploits for CVEs found by the team at Rhino Security Labs
GitHub