PT-2023-17214 · Phpmyfaq · Phpmyfaq

Published

2023-03-31

Updated

2023-04-26

CVE-2023-1754

Report an issue

CVSS v3.1

4.7

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions:

phpMyFAQ versions prior to 3.1.12

Description:

The issue is related to improper neutralization of input during web page generation, which can also be described as improper input validation. This affects the GitHub repository thorsten/phpmyfaq.

Recommendations:

For versions prior to 3.1.12, update to version 3.1.12 or later to resolve the issue.

Exploit

Fix

RCE

XSS

Weakness Enumeration

CWE-20CWE-79

Related Identifiers

CVE-2023-1754

GHSA-GVG8-R8W2-9GFJ

Affected Products

Phpmyfaq

PT-2023-17214 · Phpmyfaq · Phpmyfaq

Weakness Enumeration

Related Identifiers

Affected Products

References · 9