2 matches found
CVE-2020-10425
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-glossary.php by adding a question mark ? followed by the payload...
PT-2020-12146 · Chadha · Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the sort GET parameter in the admin/manage-glossary.php file. This can lead to reflected XSS attacks...