GHSA-w42g-jj8w-fj77

Source
https://github.com/advisories/GHSA-w42g-jj8w-fj77
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-w42g-jj8w-fj77/GHSA-w42g-jj8w-fj77.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-w42g-jj8w-fj77
Aliases
  • CVE-2026-46367
Published
2026-05-15T21:31:32Z
Modified
2026-05-21T21:30:21.909471979Z
Severity
  • 7.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
Summary
phpMyFAQ: Stored XSS via Utils::parseUrl() in comment rendering
Details

phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl() that allows authenticated users to inject JavaScript via malformed URLs in comments. Attackers can craft URLs with unescaped quotes to inject event handlers, stealing admin session cookies and achieving full application takeover when visitors view affected FAQ pages.

Database specific
{
    "cwe_ids": [
        "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-21T21:17:45Z",
    "nvd_published_at": "2026-05-15T19:17:04Z",
    "severity": "HIGH"
}
References

Affected packages

Packagist / phpMyFAQ/phpMyFAQ

Package

Name
phpMyFAQ/phpMyFAQ
Purl
pkg:composer/phpMyFAQ%2FphpMyFAQ

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
4.1.2

Database specific

source
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-w42g-jj8w-fj77/GHSA-w42g-jj8w-fj77.json"

Packagist / phpMyFAQ

Package

Name
phpMyFAQ
Purl
pkg:composer/phpMyFAQ

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
4.1.2

Database specific

source
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-w42g-jj8w-fj77/GHSA-w42g-jj8w-fj77.json"