Description
JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control, the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation.
Remediation
References
Related Vulnerabilities
MediaWiki Other Vulnerability (CVE-2005-0536)
WordPress Plugin Aspose DOC Exporter Arbitrary File Download (1.0)
WordPress Plugin eHive Object Details Cross-Site Scripting (2.1.6)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Directory Traversal (5.5.4)
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (4.0.1)