Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation. If an administrator goes to a malicious URL while being authenticated to the Silverpeas application, the CSRF with execute making the attacker an administrator user in the application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Silverpeas 跨站请求伪造漏洞
Vulnerability Description
Silverpeas是一套开源的业务协作平台。该平台包括项目管理、博客、论坛和文档管理等应用程序。 Silverpeas Core 6.3.1版本存在跨站请求伪造漏洞,该漏洞源于如果管理员在通过 Silverpeas 应用程序身份验证时访问恶意 URL,则会执行 CSRF,使攻击者成为应用程序中的管理员用户。
CVSS Information
N/A
Vulnerability Type
N/A