2 matches found
CVE-2026-46360
phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in SvgSanitizer::decodeAllEntities that limits recursive entity decoding to 5 iterations, allowing attackers to bypass sanitization. Authenticated users with FAQEDIT permission can upload malicious SVG files with deeply...
GHSA-7CX3-2QX2-3G6W phpMyFAQ's Missing Authorization on Tag Deletion Allows Any Authenticated User to Delete Tags
Summary The TagController::delete endpoint at DELETE /admin/api/content/tags/tagId only verifies that the user is logged in userIsAuthenticated, but does not check any permission. Any authenticated user — including regular non-admin frontend users — can delete any tag by ID. This contrasts with...