CVE-2020-10495

Name of the Vulnerable Software and Affected Versions Chadha PHPKB Standard Multi-Language version 9

Description The issue allows attackers to edit an article template, given the id, via a crafted request to the "admin/edit-template.php" endpoint. This is made possible by a CSRF weakness.

Recommendations For Chadha PHPKB Standard Multi-Language version 9, as a temporary workaround, consider implementing CSRF protection measures, such as token-based validation, to prevent unauthorized edits to article templates. Restrict access to the "admin/edit-template.php" endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.