CSRF Vulnerability in Chadha PHPKB Standard Multi-Language 9 Allows Unauthorized Global Settings Modification

CSRF Vulnerability in Chadha PHPKB Standard Multi-Language 9 Allows Unauthorized Global Settings Modification

CVE-2020-10478 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request.

Learn more about our Web Application Penetration Testing UK.