phpmyfaq is vulnerable to Cross-Site Scripting (XSS) attacks. The library does not properly escape the special characters before it output to the front end in header.php
, which allows an attacker to inject and execute malicious JavaScript.
CPE | Name | Operator | Version |
---|---|---|---|
thorsten/phpmyfaq | le | 3.1.9 | |
phpmyfaq/phpmyfaq | le | 3.1.9 | |
thorsten/phpmyfaq | le | 3.1.9 | |
phpmyfaq/phpmyfaq | le | 3.1.9 |