Headline
CVE-2023-2428: huntr – Security Bounties for any GitHub repository
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.
Bounties 524
Related news
GHSA-8595-6653-96p2: phpMyFAQ vulnerable to Stored Cross-site Scripting
phpMyFAQ prior to 3.1.13 has a stored cross site scripting vulnerability in `name` field in add question module. This allows an attacker to steal user cookies.