Cross site request forgery (csrf)

CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request...

PT-2020-12169 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to close any ticket, given the id, via a crafted request to the "admin/manage-tickets.php" endpoint. This is made possible by a CSRF flaw. Recommendations:...