Security Advisory 2022-01-17

Multiple CSRF and XSS vulnerabilities in phpMyFAQ

Issued on:

2022-01-17

Software:

phpMyFAQ <= 3.0.9

Risk:

Medium

Platforms:

all

The phpMyFAQ Team has learned of some security issues that have been discovered in phpMyFAQ 3.0.9 and

earlier. phpMyFAQ contains multiple cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities.

Description

phpMyFAQ does not implement sufficient checks to avoid

• XSS in the administration section when deleting meta data by an admin user,
• CSRF when toggling open questions by an admin user,
• CSRF when truncating search terms by an admin user,
• CSRF when logging out an admin user.

Solution

The phpMyFAQ Team has released the new phpMyFAQ version 3.0.10 which fix the vulnerabilities. All

users of affected phpMyFAQ versions are encouraged to upgrade as soon as possible to this latest version.

Workaround

There's no workaround except installing phpMyFAQ 3.0.10.

References

• XSS (Found by 0x7zed)
• CSRF (Found by M0rphling)
• CSRF (Found by M0rphling)
• CSRF (Found by justinp09010)

Thanks

The phpMyFAQ teams would like to thank 0x7zed, M0rphling, justinp09010 and Dennis Yassine for the responsible

disclosure of these vulnerabilities.