Moderate severityNVD Advisory· Published Dec 11, 2022· Updated Feb 16, 2026
Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq
CVE-2022-4407
Description
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
thorsten/phpmyfaqPackagist | < 3.1.9 | 3.1.9 |
Affected products
2- thorsten/thorsten/phpmyfaqv5Range: unspecified
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-cp9c-phxx-55xmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-4407ghsaADVISORY
- github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2022-4407.mdghsaWEB
- github.com/thorsten/phpmyfaq/commit/1d73af34bf42764f9f9491c7ba5e9495d70e3ca5ghsaWEB
- huntr.dev/bounties/a1649f43-78c9-4927-b313-36911872a84bghsaWEB
News mentions
0No linked articles in our index yet.