logo

Database

Lack of data validation - Modify DOM Elements In thorsten/phpmyfaq

Description

phpMyFAQ Code Injection vulnerability Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2023-17612. NVD-2023-17613. OSV-2023-17614. GCVE-2023-1761

References

1. https://github.com/thorsten/phpmyfaq/commit/128ef85f8e3ab7869d3107aa4d0b6867b53391d72. https://huntr.dev/bounties/24c0a65f-0751-4ff8-af63-4b325ac8879f

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.