0.001 Low
EPSS
Percentile
29.7%
thorsten/phpmyfaq is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a lack of user-input sanitization in record.edit.php which allows an attacker to inject and execute arbitrary JavaScript into the browser.
record.edit.php
github.com/advisories/GHSA-8595-6653-96p2
github.com/thorsten/phpmyfaq/commit/0a4980d870bac92df945f6d022726c4e3ed584ab
huntr.dev/bounties/cee65b6d-b003-4e6a-9d14-89aa94bee43e