CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
15.5%
The email
field in phpMyFAQβs user control panel page is vulnerable to stored XSS attacks due to the inadequacy of PHPβs FILTER_VALIDATE_EMAIL
function, which only validates the email format, not its content. This vulnerability enables an attacker to execute arbitrary client-side JavaScript within the context of another userβs phpMyFAQ session.
Despite using PHPβs FILTER_VALIDATE_EMAIL
function, the email field does not adequately validate the content of the email address. This means that malicious input, such as JavaScript code, can be accepted and stored in the database without being detected. When the stored data is retrieved and displayed on web pages, it is not properly sanitized to remove or neutralize any potentially harmful content, such as JavaScript code which leads to Stored XSS.
Login as any user, go to the user control panel, change email to any valid email and intercept the request.
Modify the requestβs email parameter to the following payload: "><svg/onload=confirm('XSS')>"@x.y
Send the request and see that the XSS is triggered in the user control panel page.
Also affects any user who browse to ββ¦/admin/?action=user&user_action=listallusersβ
This allows an attacker to execute arbitrary client side JavaScript within the context of another userβs phpMyFAQ session.
github.com/advisories/GHSA-q7g6-xfh2-vhpx
github.com/thorsten/phpMyFAQ/commit/09336b0ff0e0a04aa0c97c5975651af4769d2459
github.com/thorsten/phpMyFAQ/commit/de90315c9bd4ead5fe6ba5586f6b016843aa8209
github.com/thorsten/phpMyFAQ/security/advisories/GHSA-q7g6-xfh2-vhpx
nvd.nist.gov/vuln/detail/CVE-2024-27300
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
15.5%