CVE-2023-0792: Improper Control of Generation of Code ('Code Injection')

February 12, 2023 (updated February 14, 2023)

Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

References

github.com/advisories/GHSA-wjrj-jc3w-ppfw
github.com/thorsten/phpmyfaq/commit/d8964568d69488de02f0a0a58acc822eeb5c3cb1
huntr.dev/bounties/9e21156b-ab1d-4c60-88ef-8c9f3e2feb7f
nvd.nist.gov/vuln/detail/CVE-2023-0792

Detect and mitigate CVE-2023-0792 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →