Description
Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module.
Remediation
References
Related Vulnerabilities
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2022-41766)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5625)
WordPress Plugin Nextend Facebook Connect Cross-Site Scripting (1.5.5)
phpMyAdmin Other Vulnerability (CVE-2007-4306)
Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)