3 matches found
CVE-2023-1757 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...
CVE-2023-1757
CVE-2023-1757 is a stored XSS vulnerability in phpMyFAQ prior to 3.1.12. The root cause, per the linked advisory, is unsanitized input in the FAQ News link parameter, enabling stored script execution. In affected versions, an attacker could exploit this via the News link parameter; remediation is...
phpMyFAQ < 3.1.12 Multiple Vulnerabilities
phpMyFAQ is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyfaq:phpmyfaq"; if description...