Vulnerability Database
Blog
FAQ
Docs
GHSA-vppq-6ff8-2m8w
Suggest an improvement
Source
https://github.com/advisories/GHSA-vppq-6ff8-2m8w
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-vppq-6ff8-2m8w/GHSA-vppq-6ff8-2m8w.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-vppq-6ff8-2m8w
Aliases
CVE-2023-2753
Published
2023-05-17T09:30:16Z
Modified
2024-02-16T08:03:34.418156Z
Severity
5.4 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVSS Calculator
Summary
phpMyFAQ vulnerable to stored Cross-site Scripting
Details
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-2753
https://github.com/thorsten/phpmyfaq/commit/5401ab75d022932b8d5d7adaa771acf44fed18ba
https://github.com/thorsten/phpmyfaq
https://huntr.dev/bounties/eca2284d-e81a-4ab8-91bb-7afeca557628
Affected packages
Packagist
/
thorsten/phpmyfaq
Package
Name
thorsten/phpmyfaq
Purl
pkg:composer/thorsten/phpmyfaq
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.2.0-beta
Affected versions
2.*
2.8.0-alpha2
2.8.0-alpha3
2.8.0-beta
2.8.0-beta2
2.8.0-beta3
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0
2.8.1
2.8.2
2.8.3
2.8.4
2.8.5
2.8.6
2.8.7
2.8.8
2.8.9
2.8.10
2.8.11
2.8.12
2.8.13
2.8.14
2.8.15
2.8.16
2.8.17
2.8.18
2.8.19
2.8.20
2.8.21
2.8.22
2.8.23
2.8.24
2.8.25
2.8.26
2.8.27
2.8.28
2.8.29
2.9.0-alpha
2.9.0-alpha2
2.9.0-alpha3
2.9.0-alpha4
2.9.0-beta
2.9.0-beta2
2.9.0-rc
2.9.0-rc2
2.9.0-rc3
2.9.0-rc4
2.9.0
2.9.1
2.9.2
2.9.3
2.9.4
2.9.5
2.9.6
2.9.7
2.9.8
2.9.9
2.9.10
2.9.11
2.9.12
2.9.13
2.10.0-alpha
3.*
3.0.0-alpha
3.0.0-alpha.2
3.0.0-alpha.3
3.0.0-alpha.4
3.0.0-beta
3.0.0-beta.2
3.0.0-beta.3
3.0.0-RC
3.0.0-RC.2
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.0.8
3.0.9
3.0.10
3.0.11
3.0.12
3.1.0-alpha
3.1.0-alpha.2
3.1.0-alpha.3
3.1.0-beta
3.1.0-RC
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.1.6
3.1.7
3.1.8
3.1.9
3.1.10
3.1.11
3.1.12
3.1.13
3.1.14
3.1.15
3.1.16
3.1.17
3.1.18
3.2.0-alpha
GHSA-vppq-6ff8-2m8w - OSV