Security Advisory 2016-05-31

Stored XSS in phpMyFAQ

Issued on:

2016-05-31

Software:

phpMyFAQ <= 2.8.28 and phpMyFAQ <= 2.9.0

Risk:

High

Platforms:

all

The phpMyFAQ Team has learned of a security issue that have been discovered in phpMyFAQ 2.8.28 and 2.9.0 and

earlier. phpMyFAQ contains a stored vulnerability.

Description

phpMyFAQ relies on PHPs filter_input() function with FILTER_VALIDATE_URL flag is used to validate URLs inside the

functionality to save FAQs. But this function doesn’t protect against XSS.

Solution

The phpMyFAQ Team has released the new phpMyFAQ versions 2.8.29 and 2.9.1 which fix the vulnerability. All users

of affected phpMyFAQ versions are encouraged to upgrade as soon as possible to this latest version.

Workaround

There's no workaround except installing phpMyFAQ 2.8.29 and 2.9.1.

Credits

• Security Advisory by Kacper Szurek

Thanks

The phpMyFAQ teams would like to thank Kacper Szurek

for the responsible disclosure of this vulnerability.