4.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
phpmyfaq is vulnerable to HTML injection. The vulnerability is due to insufficient validation on the contentLink
parameter, this allowing an attacker to inject HTML code that can affect other users.
CPE | Name | Operator | Version |
---|---|---|---|
thorsten/phpmyfaq | le | 3.2.5 | |
phpmyfaq/phpmyfaq | le | 3.2.5 | |
thorsten/phpmyfaq | le | 3.2.5 | |
phpmyfaq/phpmyfaq | le | 3.2.5 |
4.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%