Lucene search
Veracode Vulnerability DatabaseVERACODE:38441HistoryDec 13, 2022 - 2:11 a.m.
Cross-Site Scripting (XSS)
2022-12-1302:11:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
cross-site scripting
stored
html entities
attacker
javascript
vulnerability
EPSS
0.001
Percentile
21.6%
thorsten/phpmyfaq is vulnerable to stored cross-site scripting. The vulnerability exists in multiple functions due to missing escape strings in the HTML entities which allows an attacker to inject and execute malicious JavaScript.
Related
osv
osv
phpMyFAQ vulnerable to Cross-site Scripting
2022-12-11 15:30:45
CVE-2022-4408
2022-12-11 15:15:10
prion
prion
Cross site scripting
2022-12-11 15:15:00
huntr
huntr
Missing CSRF protection
2022-11-24 06:38:17
github
github
phpMyFAQ vulnerable to Cross-site Scripting
2022-12-11 15:30:45
cve
cve
CVE-2022-4408
2022-12-11 15:15:10
cvelist
cvelist
CVE-2022-4408 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
2022-12-11 00:00:00
nvd
nvd
CVE-2022-4408
2022-12-11 15:15:10
openvas
openvas
phpMyFAQ < 3.1.9 Multiple Vulnerabilities
2022-12-12 00:00:00