CVE-2023-47321: Broken access control in Silverpeas

December 13, 2023

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control via the “Porlet Deployer” which allows administrators to deploy .WAR portlets.

References

silverpeas.com/
github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47321
github.com/advisories/GHSA-28wg-8gv4-mpjf
nvd.nist.gov/vuln/detail/CVE-2023-47321

Detect and mitigate CVE-2023-47321 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →