Description

Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.

Remediation

References

CVE-2010-4821

Related Vulnerabilities

MySQL CVE-2022-21323 Vulnerability (CVE-2022-21323)

Drupal Core 8.x Security Bypass (8.0.0 - 8.2.7)

Nginx CVE-2013-2070 Vulnerability (CVE-2013-2070)

WordPress Plugin Download Manager Multiple Cross-Site Scripting Vulnerabilities (3.2.48)

Oracle Database Server CVE-2024-20903 Vulnerability (CVE-2024-20903)

Severity

Medium

Classification

CVE-2010-4821 CWE-707

Tags

Missing Update Known Vulnerabilities