Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the XC NCIP Provider module in the eXtensible Catalog (XC) Drupal Toolkit allows remote attackers to hijack the authentication of users with the "administer ncip providers" permission for requests that alter NCIP providers via a crafted request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
eXtensible Catalog (XC) Drupal Toolkit XC NCIP Provider模块跨站请求伪造漏洞
Vulnerability Description
eXtensible Catalog (XC) Drupal Toolkit是一组从元数据服务工具包(MST)获取XC架构格式记录的Drupal模块。XC NCIP Provider是其中的一个与XC NCIP工具包之间进行通信的模块。 XC Drupal Toolkit的XC NCIP Provider模块中存在跨站请求伪造漏洞。远程攻击者可通过发送特制的请求利用该漏洞以‘administer ncip providers’权限变更NCIP提供者。
CVSS Information
N/A
Vulnerability Type
N/A