Description
JFrog Artifactory prior to 7.31.10 is vulnerable to Broken Access Control: a Project Admin is able to create, edit and delete Repository Layouts, although Repository Layouts configuration should only be available to Platform Administrators.
Remediation
References