PT-2023-17218 · Unknown · Thorsten/Phpmyfaq
Publicado
2023-04-05
·
Atualizado
2023-04-11
·
CVE-2023-1758
CVSS v3.1
8.9
Alta
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L |
Name of the Vulnerable Software and Affected Versions
thorsten/phpmyfaq versions prior to 3.1.12
Description
The issue is related to a failure to sanitize special elements, which can lead to stored cross-site scripting (XSS) due to insufficient sanitization of user input in the FAQ comment
username parameter.Recommendations
For versions prior to 3.1.12, update to version 3.1.12 to resolve the issue.
Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Thorsten/Phpmyfaq