Description
JFrog Artifactory prior to 7.31.10 is vulnerable to Broken Access Control: a Project Admin is able to create, edit and delete Repository Layouts, although Repository Layouts configuration should only be available to Platform Administrators.
Remediation
References
Related Vulnerabilities
Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28977)
WordPress Plugin Import any XML or CSV File to WordPress Cross-Site Scripting (3.6.2)
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-4864)
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9127)