thorsten/phpmyfaq is vulnerable to cross-site scripting. The vulnerability exists in multiple functions due to missing quoting for search terms which allows an attacker to inject arbitrary html and script code into the web site.
CPE | Name | Operator | Version |
---|---|---|---|
thorsten/phpmyfaq | le | 3.1.7 | |
phpmyfaq/phpmyfaq | le | 3.1.7 | |
thorsten/phpmyfaq | le | 3.1.7 | |
phpmyfaq/phpmyfaq | le | 3.1.7 |