Medium severity5.4NVD Advisory· Published Mar 9, 2020· Updated Jun 17, 2026
CVE-2020-10191
CVE-2020-10191
Description
An issue was discovered in MunkiReport before 5.3.0. An authenticated actor can send a custom XSS payload through the /module/comment/save endpoint. The payload will be executed by any authenticated users browsing the application. This concerns app/controllers/client.php:detail.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- MunkiReport/MunkiReportdescription
- Range: <5.3.0
Patches
Vulnerability mechanics
References
1- github.com/munkireport/munkireport-php/releasesnvdThird Party Advisory
News mentions
0No linked articles in our index yet.