phpmyfaq is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a lack of santization in the getUserData
parameter of header.php
which allows an attacker to inject and execute arbitrary JavaScript into the system through the username field.
CPE | Name | Operator | Version |
---|---|---|---|
phpmyfaq/phpmyfaq | le | 3.1.10 | |
thorsten/phpmyfaq | le | 3.1.10 | |
phpmyfaq/phpmyfaq | le | 3.1.10 | |
thorsten/phpmyfaq | le | 3.1.10 |