EPSS
Percentile
23.5%
thorsten/phpmyfaq is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists in instances.php due to missing sanitization to escape newly added values which allows an attacker to inject and execute JavaScript.
instances.php
github.com/advisories/GHSA-c38p-vw6j-qjpr
github.com/thorsten/phpmyfaq/commit/26663efcb0b67e421e4ecccad8f19e7106bb03ce
huntr.dev/bounties/7152b340-c6f3-4ac8-9f62-f764a267488d
huntr.dev/bounties/7152b340-c6f3-4ac8-9f62-f764a267488d/