Unrated severityNVD Advisory· Published Aug 18, 2015· Updated Jun 17, 2026
CVE-2015-5508
CVE-2015-5508
Description
Cross-site request forgery (CSRF) vulnerability in the XC NCIP Provider module in the eXtensible Catalog (XC) Drupal Toolkit allows remote attackers to hijack the authentication of users with the "administer ncip providers" permission for requests that alter NCIP providers via a crafted request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:the_extensible_catalog_drupal_toolkit_project:the_extensible_catalog_drupal_toolkit:-:*:*:*:*:drupal:*:*
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.