Lucene search
Veracode Vulnerability DatabaseVERACODE:40463HistoryMay 10, 2023 - 8:57 a.m.
Cross-Site Scripting (XSS)
2023-05-1008:57:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
cross-site scripting
phpmyfaq
user-input sanitization
arbitrary javascript
browser
0.001 Low
EPSS
Percentile
29.7%
thorsten/phpmyfaq is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a lack of user-input sanitization in record.edit.php which allows an attacker to inject and execute arbitrary JavaScript into the browser.
Related
huntr
huntr
Stored cross site scripting vulnerability in thorsten/phpmyfaq
2023-04-05 13:47:52
osv
osv
phpMyFAQ vulnerable to Stored Cross-site Scripting
2023-04-30 03:30:25
CVE-2023-2428
2023-04-30 01:15:09
prion
prion
Cross site scripting
2023-04-30 01:15:00
github
github
phpMyFAQ vulnerable to Stored Cross-site Scripting
2023-04-30 03:30:25
cve
cve
CVE-2023-2428
2023-04-30 01:15:09
nvd
nvd
CVE-2023-2428
2023-04-30 01:15:09
cvelist
cvelist
CVE-2023-2428 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
2023-04-30 00:00:00
openvas
openvas
phpMyFAQ < 3.1.13 Multiple Vulnerabilities
2023-05-04 00:00:00