cve/2023/CVE-2023-47322.md

CVE-2023-47322

Description

The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation. If an administrator goes to a malicious URL while being authenticated to the Silverpeas application, the CSRF with execute making the attacker an administrator user in the application.

POC

Reference

• https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47322

Github

• https://github.com/RhinoSecurityLabs/CVEs