Headline
CVE-2023-1880: Reflected XSS in send2friend.php in phpmyfaq
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
Valid
Reported on
Feb 17th 2023
Description
There is a reflected XSS in send2friend because the ‘artlang’ parameter is not sanitized.
Proof of Concept
Visit http://phpmyfaq.local/?action=send2friend&artlang=aaaa"%3E%3Cscript%3Ealert(1);%3C/script%3E
Fix
Sanitize the ‘$faqLanguage’ variable in https://github.com/thorsten/phpMyFAQ/blob/main/phpmyfaq/send2friend.php#L70
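The pattern behind this report and the kind of fix it asks for, as an added example that is not phpMyFAQ's code or its actual patch. The function names, the hidden-input attribute context and the language-code format are assumptions made for illustration; the test input is the decoded `artlang` value from the proof of concept above.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers for illustration; none of these names come from phpMyFAQ.

/** Vulnerable pattern: the raw request value is concatenated into an attribute. */
function renderLangFieldUnsafe(string $artlang): string
{
    return '<input type="hidden" name="lang" value="' . $artlang . '">';
}

/**
 * Input validation: accept only values shaped like a language code.
 * Assumed format: 2-3 lowercase letters with an optional region ("de", "pt_br", "zh-tw").
 */
function normalizeLang(string $artlang, string $default = 'en'): string
{
    $ok = preg_match('/\A[a-z]{2,3}(?:[_-][a-z]{2,4})?\z/', $artlang) === 1;
    return $ok ? $artlang : $default;
}

/** Hardened pattern: validate first, then encode for the HTML attribute context. */
function renderLangFieldSafe(string $artlang): string
{
    $lang = normalizeLang($artlang);
    return '<input type="hidden" name="lang" value="'
        . htmlspecialchars($lang, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '">';
}

// Constructed input: the URL-decoded artlang value from the proof of concept.
$poc = 'aaaa"><script>alert(1);</script>';

// The quote closes the attribute and the script element reaches the page.
echo renderLangFieldUnsafe($poc), PHP_EOL;

// The value fails validation, so the default language is emitted instead.
echo renderLangFieldSafe($poc), PHP_EOL;

// A well-formed language code passes through unchanged.
echo renderLangFieldSafe('de'), PHP_EOL;
```

Validation and output encoding are both applied so that a later change to the accepted language format does not reopen the injection point.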
Impact
Taking over the admin account.
Related news
GHSA-m8q9-7v2f-qjx9: thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via artlang parameter
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the artlang parameter. This has been fixed in 3.1.12.