VYPR
Medium severity6.1NVD Advisory· Published Mar 12, 2020· Updated Jun 17, 2026

CVE-2020-10461

CVE-2020-10461

Description

The way comments in article.php (vulnerable function in include/functions-article.php) are handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/manage-comments.php, via the GET parameter cmt.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.