Lucene search
HistoryOct 19, 2022 - 1:15 p.m.
CVE-2022-3608
cve-2022-3608
cross-site scripting
xss
github
repository
thorsten
phpmyfaq
nvd
8.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.6%
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha.
Affected configurations
Node
phpmyfaqphpmyfaqRange≤3.1.7
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpmyfaq:phpmyfaq | phpmyfaq | le | 3.1.7 |
CNA Affected
[
{
"vendor": "thorsten",
"product": "thorsten/phpmyfaq",
"versions": [
{
"version": "unspecified",
"lessThan": "3.2.0-alpha",
"status": "affected",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2022-3608
2022-10-19 13:15:08
osv
osv
phpMyFAQ vulnerable to Cross-site Scripting
2022-10-19 19:00:24
CVE-2022-3608
2022-10-19 13:15:08
prion
prion
Cross site scripting
2022-10-19 13:15:00
cvelist
cvelist
CVE-2022-3608 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
2022-10-19 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2022-10-20 04:29:37
huntr
huntr
Stored XSS and possible RCE/LFI in case of misconfiguration
2022-10-03 11:10:31
github
github
phpMyFAQ vulnerable to Cross-site Scripting
2022-10-19 19:00:24
openvas
openvas
phpMyFAQ < 3.2.0 XSS Vulnerability
2022-11-03 00:00:00
8.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.6%
Related for CVE-2022-3608