CVE-2023-47323
CVE-2023-47323
The notification/messaging feature of Silverpeas Core 6.3.1 does not enforce access control on the ID parameter. This allows an attacker to read all messages sent between other users; including those sent only to administrators.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →