GHSA-8595-6653-96p2
Suggest an improvement- Source
- https://github.com/advisories/GHSA-8595-6653-96p2
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/04/GHSA-8595-6653-96p2/GHSA-8595-6653-96p2.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-8595-6653-96p2
- Aliases
- Published
- 2023-04-30T03:30:25Z
- Modified
- 2025-01-30T19:01:47.736735Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- phpMyFAQ vulnerable to Stored Cross-site Scripting
- Details
-
phpMyFAQ prior to version 3.1.13 has a stored cross site scripting vulnerability in
namefield in add question module. This allows an attacker to steal user cookies. - Database specific
{ "severity": "MODERATE", "github_reviewed_at": "2023-05-01T22:30:37Z", "nvd_published_at": "2023-04-30T01:15:09Z", "github_reviewed": true, "cwe_ids": [ "CWE-79" ] }- References
Affected packages
Packagist / thorsten/phpmyfaq
Package
- Name
- thorsten/phpmyfaq
- Purl
- pkg:composer/thorsten/phpmyfaq
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.1.13
Affected versions
2.*
2.8.0-alpha2
2.8.0-alpha3
2.8.0-beta
2.8.0-beta2
2.8.0-beta3
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0
2.8.1
2.8.2
2.8.3
2.8.4
2.8.5
2.8.6
2.8.7
2.8.8
2.8.9
2.8.10
2.8.11
2.8.12
2.8.13
2.8.14
2.8.15
2.8.16
2.8.17
2.8.18
2.8.19
2.8.20
2.8.21
2.8.22
2.8.23
2.8.24
2.8.25
2.8.26
2.8.27
2.8.28
2.8.29
2.9.0-alpha
2.9.0-alpha2
2.9.0-alpha3
2.9.0-alpha4
2.9.0-beta
2.9.0-beta2
2.9.0-rc
2.9.0-rc2
2.9.0-rc3
2.9.0-rc4
2.9.0
2.9.1
2.9.2
2.9.3
2.9.4
2.9.5
2.9.6
2.9.7
2.9.8
2.9.9
2.9.10
2.9.11
2.9.12
2.9.13
2.10.0-alpha
3.*
3.0.0-alpha
3.0.0-alpha.2
3.0.0-alpha.3
3.0.0-alpha.4
3.0.0-beta
3.0.0-beta.2
3.0.0-beta.3
3.0.0-RC
3.0.0-RC.2
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.0.8
3.0.9
3.0.10
3.0.11
3.0.12
3.1.0-alpha
3.1.0-alpha.2
3.1.0-alpha.3
3.1.0-beta
3.1.0-RC
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.1.6
3.1.7
3.1.8
3.1.9
3.1.10
3.1.11
3.1.12