PT-2024-40327 · Framework · Framework

Name of the Vulnerable Software and Affected Versions: framework versions prior to 3.1.14 Description: A risk exists due to an unvalidated returnURL parameter passed to dev/build, which could cause the user to redirect to an unverified third-party URL outside of the site. Recommendations: For...

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in phpMyFAQ versions prior to 3.1.14. An attacker can exploit this vulnerability to perform cross-site scripting attacks...