Cross Site Request Forgery Vulnerability in Silverpeas Core by Silverpeas
CVE-2023-47326

8.8HIGH

Key Information:

Vendor: Silverpeas
Status: Silverpeas
Vendor: CVE Published:; 13 December 2023

What is CVE-2023-47326?

Silverpeas Core version 6.3.1 is vulnerable to a Cross Site Request Forgery (CSRF) attack, which can exploit the Domain SQL Create function. This vulnerability allows attackers to manipulate users into executing unwanted actions on behalf of another user. Proper security measures are crucial for protecting applications against such threats.

References

http://silverpeas.com

https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 13, 2023
Vulnerability Reserved
Nov 6, 2023