JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin is able to create, edit and delete Repository Layouts while Repository Layouts configuration should only be available for Platform Administrators.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Artifactory | Jfrog | 7.0.0 (including) | 7.31.10 (excluding) |