CVE-2023-1886: Authentication Bypass by Capture-replay

April 5, 2023 (updated April 6, 2023)

Authentication Bypass by Capture-replay in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

References

github.com/advisories/GHSA-4cr4-x82x-hwm9
github.com/thorsten/phpmyfaq/commit/27eaaae16850694634ac52416a0bd38b35d7330a
huntr.dev/bounties/b7d244b7-5ac3-4964-81ee-8dbb5bb5e33a
nvd.nist.gov/vuln/detail/CVE-2023-1886

Detect and mitigate CVE-2023-1886 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →