Medium severity6.1NVD Advisory· Published Mar 9, 2020· Updated Jun 17, 2026
CVE-2020-10192
CVE-2020-10192
Description
An issue was discovered in Munkireport before 5.3.0.3923. An unauthenticated actor can send a custom XSS payload through the /report/broken_client endpoint. The payload will be executed by any authenticated users browsing the application. This concerns app/views/listings/default.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Munkireport/Munkireportdescription
- Range: <5.3.0.3923
Patches
Vulnerability mechanics
References
1- github.com/munkireport/munkireport-php/releasesnvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.