CVE-2022-3608 HIGH

CVE-2022-3608: Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Vendor Thorsten

Product thorsten/phpmyfaq

Weakness CWE-79 · XSS

Published October 19, 2022

Last update May 8, 2025

CVSS base score

7.2/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha.

Key dates

October 19, 2022 CVE published

May 8, 2025 Record updated

External resources

Related vulnerabilities

CVE CVE-2022-3608

CWE CWE-79

CVSS 7.2 / HIGH

Vendor Thorsten

Product thorsten/phpmyfaq

Affected ≥ unspecified and < 3.2.0-alpha