Skip to main content

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

CVE-2023-1758

Severity Medium
Score 5.4/10

Summary

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in thorsten/phpmyfaq prior to 3.1.12.

  • LOW
  • NETWORK
  • LOW
  • CHANGED
  • REQUIRED
  • LOW
  • LOW
  • NONE

CWE-75 - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

The software does not adequately filter user-controlled input for special elements with control implications.

Advisory Timeline

  • Published