Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the Commerce Extra Panes module 7.x-1.x before 7.x-1.1 in Drupal allows remote attackers to hijack the authentication of administrators for requests that enable or disable a Commerce extra panes pane via unspecified vectors related to "the link to reorder items."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Commerce Extra Panes模块跨站请求伪造漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal中的Commerce Extra Panes模块7.x-1.1之前的7.x-1.x版本中存在跨站请求伪造漏洞。远程攻击者利用该漏洞通过与‘重排序项的链接’相关的未明向量,劫持发送启用或禁用Commerce额外面板请求的管理员的身份验证信息。
CVSS Information
N/A
Vulnerability Type
N/A