CVE-2023-1882: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@49db615
DOM-based cross-site scripting (XSS) in the GitHub repository thorsten/phpmyfaq prior to 3.1.12.
@@ -619,7 +619,7 @@ ‘msgGlossary’ => ‘<a href="./glossary.html">’ . $PMF_LANG[‘ad_menu_glossary’] . '</a>’, ‘privacyLink’ => sprintf( '<a target="_blank" href="%s">%s</a>’, $faqConfig->get(‘main.privacyURL’), Strings::htmlentities($faqConfig->get(‘main.privacyURL’)), $PMF_LANG[‘msgPrivacyNote’] ), ‘backToHome’ => ‘<a href="./index.html">’ . $PMF_LANG[‘msgHome’] . '</a>’, @@ -642,7 +642,7 @@ ‘msgGlossary’ => ‘<a href="index.php?’ . $sids . ‘action=glossary">’ . $PMF_LANG[‘ad_menu_glossary’] . '</a>’, ‘privacyLink’ => sprintf( '<a target="_blank" href="%s">%s</a>’, $faqConfig->get(‘main.privacyURL’), Strings::htmlentities($faqConfig->get(‘main.privacyURL’)), $PMF_LANG[‘msgPrivacyNote’] ), ‘allCategories’ => ‘<a class="nav-link" href="index.php?’ . $sids . ‘action=show">’ .
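Review bot: In the first hunk (around line 619) the escaping is applied to the right value, the `href` attribute, but entity encoding only keeps the configured value from breaking out of the double-quoted attribute; it does not constrain what kind of URL `main.privacyURL` holds. If the admin settings form does not already restrict that option to an absolute http/https URL, consider validating it at save time as well, so the template is not the only line of defence. Also confirm that `Strings::htmlentities` encodes double quotes (PHP's `htmlentities` does so with its default flags), since that is the character that matters in this attribute context.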
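Review bot: The second hunk (around line 642) repeats the same `Strings::htmlentities($faqConfig->get('main.privacyURL'))` call that the first hunk adds, so the escaped value is now computed twice from the same configuration lookup. Consider escaping it once into a local variable before the two array definitions, or exposing an attribute-escaped getter, so a future third use of `privacyLink` cannot silently regress to the unescaped form. A regression test that sets `main.privacyURL` to a value containing `"` and asserts that the rendered `privacyLink` contains `&quot;` would also lock the fix in.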
Related news
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to DOM-based cross-site scripting (XSS) because it fails to sanitize user-controlled input in the privacy note URL configuration parameter (`main.privacyURL`) before inserting it into the page. This has been fixed in 3.1.12.