EPSS
Percentile
30.0%
thorsten/phpmyfaq is vulnerable to cross-site scripting. The vulnerability exists in multiple functions due to missing quoting for search terms which allows an attacker to inject arbitrary html and script code into the web site.
github.com/advisories/GHSA-mg5h-rhjq-6v84
github.com/thorsten/phpmyfaq/commit/c7904f2236c6c0dd64c2226b90c30af0f7e5a72d
huntr.dev/bounties/d9666520-4ff5-43bb-aacf-50c8e5570983
huntr.dev/bounties/d9666520-4ff5-43bb-aacf-50c8e5570983/