Description
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Enable Media Replace SQL Injection and Arbitrary File Upload Vulnerabilities (2.3)
UAParser.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-7733)
Drupal Incorrect Authorization Vulnerability (CVE-2022-25274)
WebLogic CVE-2021-2376 Vulnerability (CVE-2021-2376)
WordPress Plugin Social Tape Cross-Site Request Forgery (1.0)