CVE-2023-1879 MEDIUM

CVE-2023-1879: Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Vendor Thorsten
Product thorsten/phpmyfaq
Weakness CWE-79 · XSS
Published April 5, 2023
Last update February 10, 2025
View on NVD All CVEs

CVSS base score

4.7/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

Key dates

02Disclosure timeline

April 5, 2023 CVE published
February 10, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2020-36931 Click2Magic 1.1.5 - Stored Cross-Site Scripting CVE-2024-13245 CKEditor 4 LTS - WYSIWYG HTML editor - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-009 CVE-2024-30448 WordPress Slider by Supsystic plugin <= 1.8.10 - Cross Site Scripting (XSS) vulnerability CVE-2021-42549 reflected XSS in search functionality of WP Cloud Plugins - Lets-Box CVE-2024-29095 WordPress Site Reviews plugin <= 6.11.6 - Cross Site Scripting (XSS) vulnerability