Unprivileged users can create content libraries in Studio

Critical

alangsto published GHSA-3q74-3rfh-g37j

Jul 25, 2023

Package

No package listed

Affected versions

master

Patched versions

None

Description

Unprivileged users can create content libraries in Studio.

This security fix requires being associated a member of an organization to create content libraries in studio.

Severity

Critical

9.7

/ 10

CVSS base metrics

Attack vector

Network

Attack complexity

Low

Privileges required

None

User interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H