Medium severity4.8NVD Advisory· Published Sep 20, 2017· Updated Jun 17, 2026
CVE-2017-14618
CVE-2017-14618
Description
Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:*range: <=2.9.8
- (no CPE)range: <=2.9.8
Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/42761/nvdExploitThird Party AdvisoryVDB Entry
- www.phpmyfaq.de/security/advisory-2017-10-19nvd
- packetstormsecurity.com/files/144280/phpMyFAQ-2.9.8-Cross-Site-Scripting.htmlnvd
News mentions
0No linked articles in our index yet.