EPSS
Percentile
31.7%
phpmyfaq is vulnerable to cross-site request forgery (CSRF) attacks. The library is missing CSRF protection in the phpmyfaq/admin/news.php file, allowing a malicious user to send a request to delete a news entry.
phpmyfaq/admin/news.php
github.com/thorsten/phpMyFAQ/commit/ec8b3cc37d05b6625e24916b8f7253f830015b5f