The phpMyFAQ Team has learned of a security issue that has been discovered in our mail server configuration, a missing DMARC record
Email spoofing was possible due to missing DMARC Records for the mail server at phpmyfaq.de. Attackers could send an email from that exact domain put in From field, because SMTP by default does not have any protection against fake “From” addresses.
The phpMyFAQ Team activated DMARC for our domain phpmyfaq.de.
The phpMyFAQ teams would like to thank Jason Ryan for the responsible disclosure of the vulnerability.