Lucene search
Veracode Vulnerability DatabaseVERACODE:40741HistoryMay 31, 2023 - 5:04 a.m.
Cross-Site Scripting (XSS)
2023-05-3105:04:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
thorsten
phpmyfaq
cross-site scripting
0.001 Low
EPSS
Percentile
29.7%
thorsten/phpmyfaq is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a lack of content sanitization in the createFaqUrl function, which allows an attacker to inject and execute arbitrary JavaScript into the browser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpmyfaq/phpmyfaq | le | 3.2.0-alpha | |
| thorsten/phpmyfaq | le | 3.2.0-alpha | |
| phpmyfaq/phpmyfaq | le | 3.2.0-alpha | |
| thorsten/phpmyfaq | le | 3.2.0-alpha |
Related
osv
osv
CVE-2023-2752
2023-05-17 08:15:08
phpMyFAQ vulnerable to stored Cross-site Scripting
2023-05-17 09:30:16
prion
prion
Cross site scripting
2023-05-17 08:15:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Phpmyfaq
2024-05-11 12:29:08
cve
cve
CVE-2023-2752
2023-05-17 08:15:08
nvd
nvd
CVE-2023-2752
2023-05-17 08:15:08
github
github
phpMyFAQ vulnerable to stored Cross-site Scripting
2023-05-17 09:30:16
huntr
huntr
Stored Cross Site Scripting at FAQ Answer
2023-04-10 10:21:05
cvelist
cvelist
CVE-2023-2752 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
2023-05-17 00:00:00
openvas
openvas
phpMyFAQ < 3.2.0-beta Multiple XSS Vulnerabilities
2023-05-18 00:00:00