Packagist (Composer) package

thorsten/phpmyfaq

pkg:composer/thorsten/phpmyfaq

Vulnerabilities (85)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-3766	—	< 3.1.8	3.1.8	Oct 31, 2022	Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-3765	—	< 3.1.8	3.1.8	Oct 31, 2022	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-3754	—	< 3.1.8	3.1.8	Oct 29, 2022	Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-3608	—	< 3.2.0-alpha	3.2.0-alpha	Oct 19, 2022	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha.
CVE-2018-16650	—	< 2.9.11	2.9.11	Sep 7, 2018	phpMyFAQ before 2.9.11 allows CSRF.

CVE-2022-3766Oct 31, 2022
affected < 3.1.8fixed 3.1.8
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-3765Oct 31, 2022
affected < 3.1.8fixed 3.1.8
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-3754Oct 29, 2022
affected < 3.1.8fixed 3.1.8
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-3608Oct 19, 2022
affected < 3.2.0-alphafixed 3.2.0-alpha
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha.
CVE-2018-16650Sep 7, 2018
affected < 2.9.11fixed 2.9.11
phpMyFAQ before 2.9.11 allows CSRF.

Page 5 of 5