thorsten/phpmyfaq vulnerable to DOM cross-site scripting (XSS) via configuration privacy note URL parameter
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to DOM cross-site scripting XSS because it fails to sanitize user input in the configuration privacy note URL parameter. This has been fixed in 3.1.12...