Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-6890: stored XSS Bypass in the FAQ Fields in phpmyfaq

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17.

CVE
Open in Source
#xss#vulnerability#git#php

Valid

Reported on

Jul 24th 2023

We are processing your report and will contact the thorsten/phpmyfaq team within 24 hours. 5 months ago

We have contacted a member of the thorsten/phpmyfaq team and are waiting to hear back 5 months ago

Please check it with the latest version 3.1.16, not the one on the demo page.

okay i will check and give you a Feedback.

I could re-produce some of the issues.

The fix bounty is now up for grabs

The researcher’s credibility has increased: +7

This vulnerability will not receive a CVE

This vulnerability is scheduled to go public on Sep 30th 2023

Hello. Thank you. Can you please assign it a CVE.

Hello. Thank you. Can you please assign it a CVE.

Hello. Thank you. Can you please assign it a CVE.

@admin could you please assign a CVE?

@admin thank you for your time and effort.

May i kindly ask you to assign me a CVE for this Vulnerability as this will help me further in my researches etc.

Thank you very much for your efforts again and hope hearing from you soon.

Best regards Ahmed Hassan

to join this conversation

We are processing your report and will contact the thorsten/phpmyfaq team within 24 hours. 5 months ago

We have contacted a member of the thorsten/phpmyfaq team and are waiting to hear back 5 months ago

Please check it with the latest version 3.1.16, not the one on the demo page.

okay i will check and give you a Feedback.

I could re-produce some of the issues.

The fix bounty is now up for grabs

The researcher’s credibility has increased: +7

This vulnerability will not receive a CVE

This vulnerability is scheduled to go public on Sep 30th 2023

Hello. Thank you. Can you please assign it a CVE.

Hello. Thank you. Can you please assign it a CVE.

Hello. Thank you. Can you please assign it a CVE.

@admin could you please assign a CVE?

@admin thank you for your time and effort.

May i kindly ask you to assign me a CVE for this Vulnerability as this will help me further in my researches etc.

Thank you very much for your efforts again and hope hearing from you soon.

Best regards Ahmed Hassan

to join this conversation

Related news

GHSA-4h37-q5j3-hw96: phpMyFAQ Cross-site Scripting vulnerability

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE