WEB APPLICATION VULNERABILITIES Standard & Premium

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0308)

Description

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

Remediation

References

Related Vulnerabilities

WordPress Plugin Simple Retail Menus SQL Injection (4.0.1)

WordPress Plugin Extra User Details Privilege Escalation (0.4.2)

WordPress Plugin Event Registration 'id' Parameter SQL Injection (5.43)

PHP Other Vulnerability (CVE-2007-1884)

YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4710)

Severity

Medium

Classification

CVE-2023-0308 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities