Cross-Site Scripting Vulnerability in phpMyFAQ by phpMyFAQ
CVE-2017-7579
6.1MEDIUM
What is CVE-2017-7579?
A cross-site scripting vulnerability exists in phpMyFAQ before version 2.9.7, specifically in the question field of inc/PMF/Faq.php. This flaw allows attackers to inject malicious scripts into web pages viewed by users, potentially leading to information theft, session hijacking, and other malicious activities. Users are advised to update their phpMyFAQ installations to the latest version to mitigate this risk.