CVE-2023-47322
Description
Silverpeas Core 6.3.1's userModify feature is vulnerable to CSRF, allowing an attacker to trick an authenticated admin into granting admin privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Overview
The userModify feature in Silverpeas Core 6.3.1 lacks proper Cross-Site Request Forgery (CSRF) protection. This allows an attacker to craft a malicious URL that, when visited by an authenticated administrator, can forge a request to modify user privileges [2][4]. The root cause is the absence of a CSRF token or other anti-forgery mechanism on this sensitive endpoint.
Exploitation
Conditions
Exploitation requires the attacker to host a crafted HTML page or link on an attacker-controlled web server [4]. When a Silverpeas administrator who is currently authenticated to the application visits this malicious page, the page issues a request to the userModify function in the administrator's browser, without the administrator's knowledge or consent, and the browser attaches the administrator's session cookie to it. No additional authentication is needed beyond the admin's active session. Whether the browser attaches that cookie to a cross-site request also depends on the cookie's SameSite attribute and on the request method: a cookie that is not SameSite=Strict is still sent on a top-level navigation to a crafted link, which is the "malicious URL" case described in the overview.
Impact
Successful exploitation allows the attacker to escalate their privileges to that of an administrator within the Silverpeas application. The attacker effectively becomes an administrator, gaining full control over the platform, including access to sensitive data and the ability to perform further administrative actions [2][4].
Mitigation
The vulnerability is fixed in Silverpeas Core version 6.3.2 [4]. Users are strongly advised to upgrade to this patched version. There is no indication of a workaround, and the CVE is not currently listed in CISA's Known Exploited Vulnerabilities Catalog.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.silverpeas.core:silverpeas-core-web (Maven) | < 6.3.2 | 6.3.2 |
Affected products
- Silverpeas/Core
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing CSRF token validation on the "userModify" request allows an attacker to forge requests that modify user privileges."
Attack vector
An attacker hosts a malicious HTML page on an attacker-controlled web server [ref_id=1]. When an authenticated Silverpeas administrator visits that page, the attacker's page submits a forged "userModify" request to the Silverpeas application using the administrator's active session [CWE-352]. The request modifies the attacker's user account to grant administrator privileges. No CSRF token is required or validated, so the browser automatically includes the administrator's session cookie and the request is processed as legitimate [ref_id=1].
Affected code
The "userModify" feature in Silverpeas Core 6.3.1 is the vulnerable endpoint [ref_id=1]. The advisory does not specify the exact file path or function name.
What the fix does
The advisory states the vulnerability is fixed in Silverpeas Core version 6.3.2 [ref_id=1]. No patch diff is provided in the bundle, but the fix likely introduces CSRF token validation on the "userModify" endpoint to ensure requests originate from the application's own UI rather than from an external attacker-controlled page [CWE-352]. Administrators should upgrade to version 6.3.2 or later to remediate the issue.
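The forged-request flow described under "Attack vector" and the token validation that the paragraph above anticipates for the fix, shown together as one added Python example. This is not Silverpeas code (Silverpeas is Java); the endpoint shape, the field names userId, accessLevel and csrf_token, the session model, the user table and the application origin are all assumptions made for the demonstration. The vulnerable handler accepts the forged request because the session cookie is its only check; the hardened handler rejects it on the request source and then on the missing per-session token.

```python
"""Synchronizer-token CSRF guard for a privileged "user modify" handler.

Added example, not Silverpeas source. The endpoint shape, the field names
("userId", "accessLevel", "csrf_token"), the session model and the app
origin are assumptions made for the demonstration.
"""
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional
from urllib.parse import urlsplit

APP_ORIGIN = "https://silverpeas.example"  # assumed deployment origin


@dataclass
class Session:
    user_id: str
    is_admin: bool
    # Per-session secret: the application's own UI embeds it in its forms;
    # an attacker-controlled page cannot read it (same-origin policy).
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    method: str
    session: Optional[Session]   # what the browser's session cookie resolves to
    params: Dict[str, str]
    headers: Dict[str, str]


def fresh_users() -> Dict[str, bool]:
    """Constructed user table for the demo: user id -> has admin access."""
    return {"admin": True, "mallory": False}


def _origin_of(url: str) -> str:
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}"


def user_modify_vulnerable(req: Request, users: Dict[str, bool]) -> str:
    """The flaw class on the page: the session cookie is the only check (CWE-352)."""
    if req.session is None or not req.session.is_admin:
        return "denied: not an admin session"
    users[req.params["userId"]] = req.params["accessLevel"] == "ADMIN"
    return "ok"


def user_modify_hardened(req: Request, users: Dict[str, bool]) -> str:
    """Same handler with the checks a CWE-352 fix needs."""
    sess = req.session
    if sess is None or not sess.is_admin:
        return "denied: not an admin session"
    # State changes only via POST, so a crafted link (top-level GET) cannot trigger them.
    if req.method != "POST":
        return "denied: state change requires POST"
    # Defence in depth: a browser-supplied Origin/Referer that is not ours is rejected.
    source = req.headers.get("Origin") or req.headers.get("Referer")
    if source is not None and _origin_of(source) != APP_ORIGIN:
        return "denied: cross-site request"
    # Primary control: the submitted token must match the one bound to this session.
    token = req.params.get("csrf_token", "")
    if not hmac.compare_digest(token.encode(), sess.csrf_token.encode()):
        return "denied: missing or invalid CSRF token"
    users[req.params["userId"]] = req.params["accessLevel"] == "ADMIN"
    return "ok"


def forged_request(admin: Session) -> Request:
    """What the attacker's page produces: the browser attaches the admin's
    cookie, but Origin is the attacker's site and no token is present."""
    return Request("POST", admin,
                   {"userId": "mallory", "accessLevel": "ADMIN"},
                   {"Origin": "https://attacker.example"})


def legitimate_request(admin: Session) -> Request:
    """The same change submitted from the application's own UI."""
    return Request("POST", admin,
                   {"userId": "mallory", "accessLevel": "ADMIN",
                    "csrf_token": admin.csrf_token},
                   {"Origin": APP_ORIGIN})


def demo() -> Dict[str, str]:
    """Run the forged request against both handlers and a legitimate one against the fix."""
    admin = Session("admin", is_admin=True)
    results: Dict[str, str] = {}
    users = fresh_users()
    results["vulnerable/forged"] = user_modify_vulnerable(forged_request(admin), users)
    results["vulnerable/mallory_admin"] = str(users["mallory"])
    users = fresh_users()
    results["hardened/forged"] = user_modify_hardened(forged_request(admin), users)
    results["hardened/mallory_admin"] = str(users["mallory"])
    results["hardened/legitimate"] = user_modify_hardened(legitimate_request(admin), users)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The Origin check alone is not sufficient (some clients omit the header, and Referer can be suppressed), which is why the token comparison is the control the request cannot pass without; the POST requirement closes the crafted-link path that a Lax session cookie still allows.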
Preconditions
- input: The attacker must host a malicious HTML page on an attacker-controlled web server.
- auth: A Silverpeas administrator must be authenticated to the application and visit the attacker's malicious page.
- auth: The administrator's browser must have an active session cookie for the Silverpeas application.
Generated on May 27, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
News mentions
No linked articles in our index yet.