Security
Headlines

Headlines Latest CVEs

Headline

GHSA-v6g2-jwrm-h5r5: phpMyFAQ Cross-site Scripting

phpMyFAQ prior to 3.2.0-beta.2 contains a cross-site scripting vulnerability. When an administrator restores a backup from a file, it’s possible to trigger an error with a specially crafted file that can be displayed on the web page. Since the error message contains the invalid part of the file, any JavaScript code in the file is executed.

1 year ago

#xss #vulnerability #web #git #java #php

phpMyFAQ Cross-site Scripting

Moderate severity GitHub Reviewed Published Jun 30, 2023 to the GitHub Advisory Database • Updated Jun 30, 2023

Related news

CVE-2023-3469: huntr – Security Bounties for any GitHub repository

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta.2.

1 year ago

ghsa: Latest News

GHSA-g5x8-v2ch-gj2g: Vaultwarden HTML injection vulnerability

11 hours ago

GHSA-x7m9-mv49-fv73: Vaultwarden vulnerable to user impersonation

11 hours ago

GHSA-vprm-27pv-jp3w: Vaultwarden authenticated reflected cross-site scripting (XSS) vulnerability

11 hours ago

GHSA-5xh2-23cc-5jc6: Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution

13 hours ago

GHSA-675f-rq2r-jw82: JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh

15 hours ago