2 matches found
CVE-2015-5508
CVE-2015-5508 refers to a CSRF vulnerability in The eXtensible Catalog (XC) Drupal Toolkit, specifically the XC NCIP Provider module. The issue arises because certain NCIP-Provider-related URLs aren’t sufficiently CSRF-protected, allowing an attacker to cause users with the administer ncip provid...
The eXtensible Catalog (XC) Drupal Toolkit - Critical - Cross Site Request Forgery (CSRF) - SA-CONTRIB-2015-121
The eXtensible Catalog Drupal Toolkit is a set of Drupal modules to harvest records of the XC Schema format from a Metadata Services Toolkit MST. The XC NCIP Provider module doesn't sufficiently protect some URLs against CSRF. A malicious user can cause a user with "administer ncip providers"...