Lucene search

K

MitreCVELIST:CVE-2020-10438

HistoryMar 12, 2020 - 1:04 p.m.

CVE-2020-10438

2020-03-1213:04:46

mitre

www.cve.org

4

EPSS

0.001

Percentile

32.0%

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/reply-ticket.php by adding a question mark (?) followed by the payload.

References

antoniocannito.it/?p=137#uxss

antoniocannito.it/phpkb1#reflected-cross-site-scripting-in-every-admin-page-cve-block-going-from-cve-2020-10391-to-cve-2020-10456

EPSS

0.001

Percentile

32.0%

Related for CVELIST:CVE-2020-10438

nvd1 cve1 prion1