CVE-2022-3766
unknown
CVSS v3
—
CVSS v2
—
VIR risk
—
Description
phpMyFAQ vulnerable to reflected Cross-site Scripting
Predictions
Exploit likelihood
30%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Packagist | thorsten/phpmyfaq | <3.1.8 | 3.1.8 |
References
- https://nvd.nist.gov/vuln/detail/CVE-2022-3766
- https://github.com/thorsten/phpmyfaq/commit/c7904f2236c6c0dd64c2226b90c30af0f7e5a72d
- https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2022-3766.md
- https://github.com/thorsten/phpmyfaq
- https://huntr.dev/bounties/d9666520-4ff5-43bb-aacf-50c8e5570983
Verify integrity in audit chain (admin only). AS-IS.