CVE-2022-3766: phpMyFAQ vulnerable to reflected Cross-site Scripting

October 31, 2022

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.

References

github.com/advisories/GHSA-mg5h-rhjq-6v84
github.com/thorsten/phpmyfaq/commit/c7904f2236c6c0dd64c2226b90c30af0f7e5a72d
huntr.dev/bounties/d9666520-4ff5-43bb-aacf-50c8e5570983
nvd.nist.gov/vuln/detail/CVE-2022-3766

Detect and mitigate CVE-2022-3766 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →