CVE-2023-0794 HIGH

CVE-2023-0794: Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Vendor Thorsten
Product thorsten/phpmyfaq
Weakness CWE-79 · XSS
Published February 12, 2023
Last update March 21, 2025
View on NVD All CVEs

CVSS base score

8.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

Key dates

02Disclosure timeline

February 12, 2023 CVE published
March 21, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-26058 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) CVE-2023-30563 Stored Cross-Site Scripting on User Import Functionality CVE-2025-20368 Stored Cross-Site Scripting (XSS) through missing field warning messages in Saved Search and Job Inspector on Splunk Enterprise CVE-2025-23428 WordPress QMean plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2025-23813 WordPress Guten Free Options Plugin <= 0.9.7 - Reflected Cross Site Scripting (XSS) vulnerability