Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
CVE-2023-1758
Summary
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in thorsten/phpmyfaq prior to 3.1.12.
- LOW
- NETWORK
- LOW
- CHANGED
- REQUIRED
- LOW
- LOW
- NONE
CWE-75 - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
The software does not adequately filter user-controlled input for special elements with control implications.
References
Advisory Timeline
- Published