EPSS
Percentile
21.6%
thorsten/phpmyfaq is vulnerable to stored cross-site scripting. The vulnerability exists in multiple functions due to missing escape strings in the HTML entities which allows an attacker to inject and execute malicious JavaScript.
github.com/advisories/GHSA-rjf6-wj7r-5fj2
github.com/thorsten/phpmyfaq/commit/e2ea332a2b5e798f2c39203b2489a2dabe831751
huntr.dev/bounties/2ec4ddd4-de22-4f2d-ba92-3382b452bfea
huntr.dev/bounties/2ec4ddd4-de22-4f2d-ba92-3382b452bfea/