Cross site scripting vulnerability in throsten /phpmyfaq in thorsten/phpmyfaq

Valid

Reported on

Apr 6th 2023


Description

Cross site scripting vulnerability in throsten /phpmyfaq in tag field at admin dashboard.

Proof of Concept

1 . Login to the demo admin account. https://roy.demo.phpmyfaq.de/admin/

2 . Go to admin dashboard --> Contents --> Add new FaQ -->Faq meta data

3 . Add payload in tag field (payload ="><iMg SrC="x" oNeRRor="alert(1);"> )

4 . Select Faq status as published

5 . click save

6 . Go to user account account https://roy.demo.phpmyfaq.de/

7 . open previously added question in categories

xss will trigger

Impact

This vulnerability is capable of stolen the user cookie

We are processing your report and will contact the thorsten/phpmyfaq team within 24 hours. a year ago
thorsten/phpmyfaq maintainer has acknowledged this report a year ago
Thorsten Rinne gave praise a year ago
The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1
Thorsten Rinne validated this vulnerability a year ago
asura-n has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
Thorsten Rinne marked this as fixed in 3.1.13 with commit 514f4d a year ago
Thorsten Rinne has been awarded the fix bounty
This vulnerability has now been published 10 months ago
to join this conversation