CVE-2023-3535

Name of the Vulnerable Software and Affected Versions SimplePHPscripts FAQ Script PHP version 2.3

Description A vulnerability was found in the file /preview.php of the component URL Parameter Handler, leading to cross site scripting. The attack can be launched remotely.

Recommendations For version 2.3, consider disabling the /preview.php file until a patch is available. Restrict access to the URL Parameter Handler component to minimize the risk of exploitation. Avoid using the vulnerable functionality of the /preview.php file in the affected URL Parameter Handler component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.