Medium severity6.1NVD Advisory· Published Mar 12, 2020· Updated Jun 17, 2026
CVE-2020-10461
CVE-2020-10461
Description
The way comments in article.php (vulnerable function in include/functions-article.php) are handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/manage-comments.php, via the GET parameter cmt.
Affected products
2- Chadha PHPKB/Standard Multi-Languagedescription
Patches
Vulnerability mechanics
References
2- antoniocannito.itnvdExploitThird Party Advisory
- antoniocannito.it/phpkb1nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.