CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10490
Reference (s):
- http://antoniocannito.it/?p=343#csrf13
- https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-department-cve-2020-10490