JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin is able to create, edit and delete Repository Layouts while Repository Layouts configuration should only be available for Platform Administrators.
CPE | Name | Operator | Version |
---|---|---|---|
artifactory | ge | 7.0.0 | |
artifactory | lt | 7.31.10 |