Lucene search
Veracode Vulnerability DatabaseVERACODE:39381HistoryFeb 22, 2023 - 8:59 a.m.
Cross-Site Scripting (XSS)
2023-02-2208:59:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
cross-site scripting
xss
thorsten/phpmyfaq
instances.php
missing sanitization
javascript injection
vulnerability
EPSS
0.001
Percentile
23.5%
thorsten/phpmyfaq is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists in instances.php due to missing sanitization to escape newly added values which allows an attacker to inject and execute JavaScript.
Related
huntr
huntr
Stored XSS - allows stealing Admin and Users Cookies
2023-01-23 21:56:09
prion
prion
Cross site scripting
2023-02-12 14:15:00
cvelist
cvelist
CVE-2023-0791 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
2023-02-12 00:00:00
cve
cve
CVE-2023-0791
2023-02-12 14:15:11
osv
osv
Cross-site Scripting in thorsten/phpmyfaq
2023-02-12 15:30:25
CVE-2023-0791
2023-02-12 14:15:11
github
github
Cross-site Scripting in thorsten/phpmyfaq
2023-02-12 15:30:25
cnvd
cnvd
phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-09633)
2023-02-14 00:00:00
nvd
nvd
CVE-2023-0791
2023-02-12 14:15:11
openvas
openvas
phpMyFAQ < 3.1.11 Multiple Vulnerabilities
2023-02-13 00:00:00