Lucene search
GitHub Advisory DatabaseGHSA-RJF6-WJ7R-5FJ2HistoryDec 11, 2022 - 3:30 p.m.
phpMyFAQ vulnerable to Cross-site Scripting
2022-12-1115:30:45
CWE-79
GitHub Advisory Database
github.com
7
phpmyfaq
version 3.1.9
cross-site scripting
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
20.3%
phpMyFAQ prior to version 3.1.9 is vulnerable to stored Cross-site Scripting (XSS).
Affected configurations
Node
thorstenphpmyfaqRange<3.1.9
| CPE | Name | Operator | Version |
|---|---|---|---|
| thorsten/phpmyfaq | lt | 3.1.9 |
Related
osv
osv
CVE-2022-4408
2022-12-11 15:15:10
phpMyFAQ vulnerable to Cross-site Scripting
2022-12-11 15:30:45
huntr
huntr
Missing CSRF protection
2022-11-24 06:38:17
nvd
nvd
CVE-2022-4408
2022-12-11 15:15:10
cvelist
cvelist
CVE-2022-4408 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
2022-12-11 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2022-12-13 02:11:34
cve
cve
CVE-2022-4408
2022-12-11 15:15:10
prion
prion
Cross site scripting
2022-12-11 15:15:00
openvas
openvas
phpMyFAQ < 3.1.9 Multiple Vulnerabilities
2022-12-12 00:00:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
20.3%
Related for GHSA-RJF6-WJ7R-5FJ2