logo

Database

Server side cross-site scripting In phpmyfaq/phpmyfaq

Description

phpMyFAQ Stored Cross-site Scripting at FAQ News Content

Summary

By manipulating the news parameter in a POST request, an attacker can inject malicious JavaScript code. Upon browsing to the compromised news page, the XSS payload triggers.

PoC

    Edit a FAQ news, intercept the request and modify the news parameter in the POST body with the following payload: %3cscript%3ealert('xssContent')%3c%2fscript%3e

    Browse to the particular news page and the XSS should pop up. image

Impact

This allows an attacker to execute arbitrary client side JavaScript within the context of another user's phpMyFAQ session

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2024-281062. NVD-2024-281063. OSV-2024-281064. GHSA-6p68-36m6-392r5. GCVE-2024-28106

References

1. https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-6p68-36m6-392r2. https://github.com/thorsten/phpMyFAQ/commit/c94b3deadd87789389e1fad162bc3dd595c0e15a

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.