Description
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Woocommerce Categories in gallery format Cross-Site Scripting (1.0.1)
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.5)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11620)
Moodle Improper Input Validation Vulnerability (CVE-2012-0801)
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)