Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade org.dspace:dspace-api to version 7.0-preview-1 or higher.
org.dspace:dspace-api is a DSpace core data model and service APIs.
Affected versions of this package are vulnerable to Access Restriction Bypass. Multiple access control issues exist in dspace-api development versions. These issues include:
Note: These issues only exist in unreleased/development versions of DSpace v7.0, and it does not impact any production releases outside of beta/preview releases.