Tyler Ramsbey

**Name of the Vulnerable Software and Affected Versions** Silverpeas Core versions 6.3.1 and below **Description** The issue is related to Incorrect Access Control, allowing an attacker with low privileges to execute the administrator-only function of putting the application in "Maintenance Mode" due to broken access control. This makes the application unavailable to all users. **Recommendations** For Silverpeas Core versions 6.3.1 and below, consider restricting access to the administrator-only functions until a patch is available. As a temporary workaround, disabling the ability to put the application in "Maintenance Mode" can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Silverpeas Core version 6.3.1 **Description** The issue is related to Incorrect Access Control via the "Porlet Deployer" which allows administrators to deploy .WAR portlets. **Recommendations** For Silverpeas Core version 6.3.1, consider restricting access to the "Porlet Deployer" to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Silverpeas Core version 6.3.1 **Description** The issue affects the `userModify` feature, allowing for Cross Site Request Forgery (CSRF) that leads to privilege escalation. If an administrator visits a malicious URL while authenticated to the Silverpeas application, the CSRF can execute, making the attacker an administrator user in the application. **Recommendations** For Silverpeas Core version 6.3.1, consider disabling the `userModify` feature as a temporary workaround until a patch is available. Restrict access to the `userModify` feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Silverpeas Core version 6.3.1 **Description** The notification/messaging feature does not enforce access control on the `ID` parameter. This allows an attacker to read all messages sent between other users, including those sent only to administrators. **Recommendations** For Silverpeas Core version 6.3.1, consider restricting access to the notification/messaging feature until a patch is available. As a temporary workaround, avoid using the `ID` parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Silverpeas Core version 6.3.1 **Description** The administrative "Bin" feature in Silverpeas Core is affected by broken access control, allowing a user with low privileges to navigate directly to the bin. This reveals all deleted spaces, which the user can then restore or permanently delete. **Recommendations** For Silverpeas Core version 6.3.1, consider restricting access to the "Bin" feature to prevent low-privileged users from navigating to it and restoring or deleting spaces. As a temporary workaround, consider disabling the "Bin" feature until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Silverpeas Core version 6.3.1 **Description** The issue is related to Cross Site Request Forgery (CSRF) via the Domain SQL Create function. This means that an attacker could potentially trick a user into performing unintended actions on the application. **Recommendations** For Silverpeas Core version 6.3.1, consider disabling the Domain SQL Create function until a patch is available to prevent potential CSRF attacks. Restrict access to this function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Silverpeas Core version 6.3.1 **Description** The issue is related to broken access control in the "Create a Space" feature, which is supposed to be reserved for administrators. However, any authenticated user can create a space by navigating to the correct URL. **Recommendations** For Silverpeas Core version 6.3.1, consider restricting access to the "Create a Space" feature to only administrators until a patch is available. As a temporary workaround, limit the ability of non-administrative users to navigate to the specific URL that allows space creation.