Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

An attacker can trigger this vulnerability by injecting malicious scripts into content that is subsequently processed by the HTML5 export feature. When a user views the exported HTML5 file, the injected script executes in the context of the user's browser. This is a form of stored XSS where the lack of restrictive security headers allows the execution of unauthorized code [patch_id=24088].

The vulnerability is located in `phpmyfaq/src/phpMyFAQ/Export/Html5.php`. The `generate` method fails to implement a Content Security Policy (CSP) for generated HTML5 exports, leaving the output susceptible to stored Cross-Site Scripting (XSS) [patch_id=24088].

The patch modifies `phpmyfaq/src/phpMyFAQ/Export/Html5.php` to include a Content-Security-Policy (CSP) meta tag within the head section of the generated HTML5 output [patch_id=24088]. By setting the policy to `default-src 'self'; img-src https://*; child-src 'none';`, the fix restricts the sources from which content can be loaded and prevents the execution of unauthorized inline scripts. This mitigates the risk of stored XSS by enforcing stricter browser security controls on the exported files [patch_id=24088].