EPSS
Percentile
40.5%
thorsten/phpmyfaq is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a lack of user-input sanitization in the cleanUpContent function, which allows an attacker to inject and execute arbitrary JavaScript into the browser.
cleanUpContent
github.com/advisories/GHSA-vppq-6ff8-2m8w
github.com/thorsten/phpmyfaq/commit/5401ab75d022932b8d5d7adaa771acf44fed18ba
huntr.dev/bounties/eca2284d-e81a-4ab8-91bb-7afeca557628