Description
JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control, the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation.
Remediation
References
Related Vulnerabilities
WordPress Plugin Let Them Unsubscribe Multiple Unspecified Vulnerabilities (1.0)
Ruby on Rails Improper Input Validation Vulnerability (CVE-2016-0753)
WordPress 5.1.x PHP Object Injection (5.1 - 5.1.9)
Jboss EAP Improper Input Validation Vulnerability (CVE-2010-1871)
WordPress Plugin Smart Google Code Inserter Multiple Vulnerabilities (3.4)