Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the elFinder file manager module 6.x-0.x before 6.x-0.8 and 7.x-0.x before 7.x-0.8 for Drupal allows remote attackers to hijack the authentication of unspecified victims to create, modify, or delete files via unknown vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal elFinder文件管理模块跨站请求伪造漏洞
Vulnerability Description
elFinder File Manager是基于Drupal平台下的一套开源的AJAX文件管理器。它提供多文件上传、图像缩放等功能。 Drupal的elFinder File Manager模块中存在跨站请求伪造漏洞。远程攻击者可利用该漏洞劫持未明受害者创建、修改或删除文件的身份认证。以下版本受到影响:Drupal的elFinder File Manager模块6.x-0.8之前的6.x-0.x版本和7.x-0.8之前的7.x-0.x版本。
CVSS Information
N/A
Vulnerability Type
N/A