Eclipse07077-Ljw

**Name of the Vulnerable Software and Affected Versions** Miniflux versions prior to 2.2.16 **Description** Miniflux is an open source feed reader. Prior to version 2.2.16, the media proxy endpoint, `GET /proxy/{encodedDigest}/{encodedURL}`, can be exploited to perform Server-Side Request Forgery (SSRF). An authenticated user can manipulate Miniflux to create a signed proxy URL for media URLs specified by the attacker within feed entry content. These URLs can include internal addresses, such as localhost, private RFC1918 ranges, or link-local metadata endpoints. Accessing the generated `/proxy/...` URL causes Miniflux to retrieve and return the response from the internal address. **Recommendations** Upgrade to Miniflux version 2.2.16 or later.

**Name of the Vulnerable Software and Affected Versions** phpMyFAQ versions 4.0.14 through 4.0.15 **Description** phpMyFAQ is a web application for creating FAQs. Versions 4.0.14 and 4.0.15 contain a stored cross-site scripting (XSS) issue. An attacker can inject and execute arbitrary JavaScript code in an administrator’s browser. This is achieved by registering a user with a display name containing HTML entities. When an administrator views the admin user list, the payload is decoded and rendered without proper escaping, leading to script execution within the administrator's context. **Recommendations** Upgrade to phpMyFAQ version 4.0.16 or later.

**Name of the Vulnerable Software and Affected Versions** phpMyFAQ versions prior to 4.0.16 **Description** An unauthenticated remote attacker can trigger the generation of a configuration backup ZIP file via the `/api/setup/backup` API endpoint. The generated ZIP file, accessible via the web, contains sensitive configuration files such as `database.php` which includes database credentials. This leads to information disclosure and potential compromise. The vulnerable parameter is not specified. **Recommendations** Update to version 4.0.16 or later.