Description

Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.

Remediation

References

CVE-2010-4821

Related Vulnerabilities

Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036)

WordPress Plugin jcwp youtube channel embed Cross-Site Scripting (1.5.2)

LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-16192)

WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36155)

OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2022-1434)

Severity

Medium

Classification

CVE-2010-4821 CWE-707

Tags

Missing Update Known Vulnerabilities