Lucene search
China National Vulnerability DatabaseCNVD-2023-04311HistoryJan 16, 2023 - 12:00 a.m.
phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04311)
2023-01-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.10 are vulnerable to a cross-site scripting vulnerability that stems from the presence of reflective cross-site scripting (XSS). No detailed vulnerability details are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpmyfaq phpmyfaq | lt | 3.1.10 |
Related
prion
prion
Cross site scripting
2023-01-15 22:15:00
osv
osv
phpMyFAQ Reflected Cross-site Scripting vulnerability
2023-01-16 00:30:24
CVE-2023-0314
2023-01-15 22:15:11
cve
cve
CVE-2023-0314
2023-01-15 22:15:11
huntr
huntr
Reflect XSS Which can help in any CSRF Vulnerability
2022-12-13 10:19:56
github
github
phpMyFAQ Reflected Cross-site Scripting vulnerability
2023-01-16 00:30:24
veracode
veracode
Cross-site Scripting (XSS)
2023-01-29 06:15:11
openvas
openvas
phpMyFAQ < 3.1.10 Multiple Vulnerabilities
2023-01-16 00:00:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Related for CNVD-2023-04311