CVE-2023-47327

MEDIUM EPSS 40.4%

Published Dec 13, 20232y ago · Modified Jun 17, 20261w ago

4.3 CVSS 3.1

Medium

Published Dec 13, 2023 2y ago

Last Modified Jun 17, 2026 1w ago

Description

The "Create a Space" feature in Silverpeas Core 6.3.1 is reserved for use by administrators. This function suffers from broken access control, allowing any authenticated user to create a space by navigating to the correct URL.

CVSS Details

Base Score

4.3

Exploitability

2.8

Impact

1.4

Vector string

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Attack Vector Network

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality None

Integrity Low

Availability None

Threat Intelligence

EPSS Exploit Probability

40.4% percentile

Exploit & Patch Status

Public Exploit Known

No Patch Available

Affected Products 1

Vendor	Product	Version	Range
silverpeas	silverpeas	*	<6.3.2

References 2

silverpeas.com http://silverpeas.com

Product
github.com https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47327

ExploitThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.