First published: Wed Sep 20 2017(Updated: )
Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
phpMyFAQ | <=2.9.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-14619 is classified as a medium severity vulnerability.
To fix CVE-2017-14619, upgrade phpMyFAQ to version 2.9.9 or later, where the vulnerability has been addressed.
CVE-2017-14619 affects phpMyFAQ versions up to and including 2.9.8.
CVE-2017-14619 is a cross-site scripting (XSS) vulnerability.
Remote attackers can exploit CVE-2017-14619 to inject arbitrary web scripts or HTML.