Lucene search
Veracode Vulnerability DatabaseVERACODE:39365HistoryFeb 20, 2023 - 4:02 p.m.
Cross-site Scripting (XSS)
2023-02-2016:02:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
thorsten/phpmyfaq
cross-site scripting
xss
html entities
faq.php
javascript
vulnerability
0.001 Low
EPSS
Percentile
23.5%
thorsten/phpmyfaq is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the missing conversion for HTML entities in Faq.php, allowing an attacker to inject and execute malicious JavaScript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| thorsten/phpmyfaq | le | 3.1.10 | |
| phpmyfaq/phpmyfaq | le | 3.1.10 | |
| thorsten/phpmyfaq | le | 3.1.10 | |
| phpmyfaq/phpmyfaq | le | 3.1.10 |
Related
osv
osv
Cross-site Scripting in thorsten/phpmyfaq
2023-02-12 15:30:25
CVE-2023-0787
2023-02-12 14:15:11
cnvd
cnvd
phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-09630)
2023-02-14 00:00:00
prion
prion
Cross site scripting
2023-02-12 14:15:00
cvelist
cvelist
CVE-2023-0787 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq
2023-02-12 00:00:00
github
github
Cross-site Scripting in thorsten/phpmyfaq
2023-02-12 15:30:25
huntr
huntr
stored XSS through Question sending
2023-01-23 23:16:45
cve
cve
CVE-2023-0787
2023-02-12 14:15:11
nvd
nvd
CVE-2023-0787
2023-02-12 14:15:11
openvas
openvas
phpMyFAQ < 3.1.11 Multiple Vulnerabilities
2023-02-13 00:00:00