logo

Database

Reflected cross-site scripting (XSS) In thorsten/phpmyfaq

Description

phpMyFAQ vulnerable to reflected Cross-site Scripting phpMyFAQ prior to version 3.1.8 is vulnerable to reflected cross-site scripting.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2022-37662. NVD-2022-37663. OSV-2022-37664. GCVE-2022-3766

References

1. https://github.com/thorsten/phpmyfaq/commit/c7904f2236c6c0dd64c2226b90c30af0f7e5a72d2. https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2022-3766.md3. https://huntr.dev/bounties/d9666520-4ff5-43bb-aacf-50c8e55709834. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-3766.yaml

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.