phpMyFAQ vulnerable to Cross-site Scripting
High severity
GitHub Reviewed
Published
Oct 19, 2022
to the GitHub Advisory Database
•
Updated Feb 2, 2023
Description
Published by the National Vulnerability Database
Oct 19, 2022
Published to the GitHub Advisory Database
Oct 19, 2022
Reviewed
Oct 19, 2022
Last updated
Feb 2, 2023
phpMyFAQ versions 3.1.7 and prior are vulnerable to stored cross-site scripting (XSS). A patch is available on the
main
branch of the repository and anticipated to be part of version 3.2.0-alpha.References