EUVD-2015-5463

Malware in sbrugna...

CVE-2015-5508

Cross-site request forgery CSRF vulnerability in the XC NCIP Provider module in the eXtensible Catalog XC Drupal Toolkit allows remote attackers to hijack the authentication of users with the "administer ncip providers" permission for requests that alter NCIP providers via a crafted request...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the XC NCIP Provider module in the eXtensible Catalog XC Drupal Toolkit allows remote attackers to hijack the authentication of users with the "administer ncip providers" permission for requests that alter NCIP providers via a crafted request...

CVE-2015-5508

Cross-site request forgery CSRF vulnerability in the XC NCIP Provider module in the eXtensible Catalog XC Drupal Toolkit allows remote attackers to hijack the authentication of users with the "administer ncip providers" permission for requests that alter NCIP providers via a crafted request...

CVE-2015-5508

CVE-2015-5508 refers to a CSRF vulnerability in The eXtensible Catalog (XC) Drupal Toolkit, specifically the XC NCIP Provider module. The issue arises because certain NCIP-Provider-related URLs aren’t sufficiently CSRF-protected, allowing an attacker to cause users with the administer ncip provid...

The eXtensible Catalog (XC) Drupal Toolkit - Critical - Cross Site Request Forgery (CSRF) - SA-CONTRIB-2015-121

The eXtensible Catalog Drupal Toolkit is a set of Drupal modules to harvest records of the XC Schema format from a Metadata Services Toolkit MST. The XC NCIP Provider module doesn't sufficiently protect some URLs against CSRF. A malicious user can cause a user with "administer ncip providers"...