CVE-2020-10496

Name of the Vulnerable Software and Affected Versions Chadha PHPKB Standard Multi-Language version 9

Description The issue allows attackers to edit an article, given the id, via a crafted request to the "admin/edit-article.php" endpoint. This is made possible by a CSRF weakness.

Recommendations For Chadha PHPKB Standard Multi-Language version 9, as a temporary workaround, consider implementing CSRF protection measures, such as token-based validation, to prevent unauthorized edits to articles. Restrict access to the "admin/edit-article.php" endpoint to minimize the risk of exploitation. Avoid using the id parameter in the affected endpoint until the issue is resolved.