CVE-2010-2514

Name of the Vulnerable Software and Affected Versions Joomla! component com jfaq version 1.2

Description A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the question parameter in an 'add2' action to "index.php".

Recommendations For version 1.2, consider restricting access to the 'add2' action in index.php to minimize the risk of exploitation. Avoid using the question parameter in the affected API endpoint until the issue is resolved.