composer›kumbiaphp/kumbiapp›CVE-2020-141465.4 MEDIUMCross-site ScriptingKumbiaPHP in Development mode, allows XSS via the public/pages/kumbia PATH_INFO.