Server side cross-site scripting In thorsten/phpmyfaq
Description
phpMyFAQ vulnerable to Stored Cross-site Scripting
phpMyFAQ prior to version 3.1.13 has a stored cross site scripting vulnerability in name field in add question module. This allows an attacker to steal user cookies.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 packagist | 3.1.13 |
Aliases
1. 2. 3. 4.
References
1. 2. 3.