phpmyfaq is vulnerable to Cross-Site Scripting (XSS) attacks. The library does not properly escape the user input in the artlang
parameter of send2friend.php
before it output to the front end, allowing an attacker to inject and execute malicious JavaScript in the victim’s browser.