Description
The notification/messaging feature of Silverpeas Core 6.3.1 does not enforce access control on the ID parameter. This allows an attacker to read all messages sent between other users; including those sent only to administrators.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Github GHSA |
GHSA-cwh6-hm53-6w2m | Missing access control in Silverpeas |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-05T00:33:21.395Z
Reserved: 2023-11-06T00:00:00.000Z
Link: CVE-2023-47323
No data.
Status : Modified
Published: 2023-12-13T14:15:44.293
Modified: 2026-06-17T06:32:35.940
Link: CVE-2023-47323
No data.
OpenCVE Enrichment
No data.
Weaknesses
Github GHSA