WEB APPLICATION VULNERABILITIES Standard & Premium

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-15728)

Description

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords.

Remediation

References

Related Vulnerabilities

PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-24213)

WordPress Plugin Comprehensive Google Map Cross-Site Request Forgery (9.1.3)

MySQL CVE-2018-3064 Vulnerability (CVE-2018-3064)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21365)

WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Remote Code Execution (5.0.0)

Severity

Medium

Classification

CVE-2017-15728 CWE-707 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities