thorsten/phpmyfaq is vulnerable to Stored Cross-site Scripting (XSS). The vulnerability exists due to the improper sanitization in the adminlog
of the stat.adminlog.php
, which allows an attacker to inject and execute malicious JavaScript through the $text
attribute.
CPE | Name | Operator | Version |
---|---|---|---|
thorsten/phpmyfaq | le | 3.1.11 | |
phpmyfaq/phpmyfaq | le | 3.1.11 | |
thorsten/phpmyfaq | le | 3.1.11 | |
phpmyfaq/phpmyfaq | le | 3.1.11 |