CNNVD-202509-176 Information

CNNVD ID

CNNVD-202509-176

Related CVE

CVE-2025-46047

• CNNVD Published: 2025-09-02

Description (Chinese)

Silverpeas是Silverpeas开源的一套开源的业务协作平台。该平台包括项目管理、博客、论坛和文档管理等应用程序。 Silverpeas 6.4.1版本和6.4.2版本存在安全漏洞，该漏洞源于用户枚举，可能导致通过Login参数获取有效用户名。

Description (English)

Silverpeas is an open source business collaboration platform for Silverpeas. The platform includes applications such as project management, blogs, forums and document management. There is a security gap between Silverpeas version 6.4.1 and version 6.4.2, which originates from the user count and may lead to the acquisition of a valid user name through the Login parameter.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Silverpeas

Published

2025-09-02

Last Modified

2026-02-24

References

https://github.com/Silverpeas/Silverpeas-Core/pull/1399 https://github.com/J0ey17/Silverpeas-Username-Enumeration-PoC https://access.redhat.com/security/cve/cve-2025-46047 https://nvd.nist.gov/vuln/detail/CVE-2025-46047