GHSA-JPH3-3J24-PG3J thorsten/phpmyfaq vulnerable to DOM cross-site scripting (XSS) via configuration privacy note URL parameter

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to DOM cross-site scripting XSS because it fails to sanitize user input in the configuration privacy note URL parameter. This has been fixed in 3.1.12...

thorsten/phpmyfaq vulnerable to DOM cross-site scripting (XSS) via configuration privacy note URL parameter

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to DOM cross-site scripting XSS because it fails to sanitize user input in the configuration privacy note URL parameter. This has been fixed in 3.1.12...

PT-2023-17310 · Thorsten · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.12 Description: The issue is related to Cross-site Scripting XSS - DOM, where the software fails to sanitize user input in the configuration privacy note URL parameter. This allows for potential...

CVE-2022-30334

Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that us...