WEB APPLICATION VULNERABILITIES Standard & Premium

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7579)

Description

inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field.

Remediation

References

Related Vulnerabilities

PHP Address Book Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1748)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1010016)

WebLogic Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-21371)

WordPress Plugin WP-Live Chat by 3CX Security Bypass (8.0.32)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6098)

Severity

Medium

Classification

CVE-2017-7579 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities