CVE-2024-28108

CVSS V2 None CVSS V3 None
Description
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Due to insufficient validation on the `contentLink` parameter, it is possible for unauthenticated users to inject HTML code to the page which might affect other users. _Also, requires that adding new FAQs is allowed for guests and that the admin doesn't check the content of a newly added FAQ._ This vulnerability is fixed in 3.2.6.
Overview
  • CVE ID
  • CVE-2024-28108
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-03-25T18:52:19.325Z
  • Last Modified Date
  • 2024-03-25T18:52:19.325Z
History
Created Old Value New Value Data Type Notes
2024-06-26 08:08:58 Added to TrackCVE