漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user (without their consent or knowledge) via a modified UUID in a POST request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NCI Agency ANET 安全漏洞
Vulnerability Description
NCI Agency ANET(NCI Agency Advisor Network)是NCI Agency开源的一种追踪顾问和顾问之间关系的工具。 NCI Agency ANET 3.4.1版本存在安全漏洞,该漏洞源于错误处理报告所有权,用户可以通过POST请求中修改的UUID将该报告的作者更改为任意用户。
CVSS Information
N/A
Vulnerability Type
N/A