CVE-2020-10490 – CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Langu

4 years ago

CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request.

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10490

Reference (s):

http://antoniocannito.it/?p=343#csrf13
https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-department-cve-2020-10490