2 matches found
CVE-2023-2998 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14...
CVE-2023-2998
The CVE-2023-2998 entry concerns a Stored XSS in thorsten/phpMyFAQ before version 3.1.14. According to the documents, when admins create a FAQ News item, user-supplied content in the “text of the record” can inject scripts, leading to cross-site script execution. Affected component: phpMyFAQ’s ba...