CVE-2020-10493

Name of the Vulnerable Software and Affected Versions Chadha PHPKB Standard Multi-Language version 9

Description The issue allows attackers to edit a glossary term using a crafted request, given the id. This is made possible by a CSRF vulnerability in the admin/edit-glossary.php file.

Recommendations For Chadha PHPKB Standard Multi-Language version 9, consider implementing proper CSRF protection mechanisms to prevent unauthorized edits to glossary terms. As a temporary workaround, restrict access to the admin/edit-glossary.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.