There is a reflected XSS in send2friend because the ‘artlang’ parameter is not sanitized.
visit http://phpmyfaq.local/?action=send2friend&artlang=aaaa"%3E%3Cscript%3Ealert(1);%3C/script%3E
sanitize the ‘$faqLanguage’ variable in https://github.com/thorsten/phpMyFAQ/blob/main/phpmyfaq/send2friend.php#L70