Description
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Remediation
References
Related Vulnerabilities
Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036)
WordPress Plugin jcwp youtube channel embed Cross-Site Scripting (1.5.2)
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36155)
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2022-1434)