EPSS
Percentile
31.5%
phpMyFAQ is vulnerable to cross-site request forgery. An attacker is able activate any user on behalf of the administrator by tricking the victim into visiting a malicious site.
github.com/thorsten/phpMyFAQ/commit/9ec84ff1515e455c290b5c90cf9501c82d80a357
www.phpmyfaq.de/security/advisory-2018-09-02