CVE-2023-1755
published 2023-03-31CVE-2023-1755: Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
PriorityP424medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
EPSS
0.61%
45.0th percentile
Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | >= 5.15.0 < 5.15.111 | 5.15.111 |
| linux | linux_kernel | >= 5.16.0 < 6.1.28 | 6.1.28 |
| linux | linux_kernel | >= 6.2.0 < 6.2.15 | 6.2.15 |
| linux | linux_kernel | >= 6.3.0 < 6.3.2 | 6.3.2 |
| phpmyfaq | phpmyfaq | < 3.1.12 | 3.1.12 |
| thorsten | phpmyfaq | >= 0 < 3.1.12 | 3.1.12 |
| thorsten | thorsten_phpmyfaq | >= unspecified < 3.1.12 | 3.1.12 |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvdv3.08.4HIGHCVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
fs/ntfs3: Fix OOB read in indx_insert_into_buffer
osv·2025-12-24
CVE-2023-54063 fs/ntfs3: Fix OOB read in indx_insert_into_buffer
fs/ntfs3: Fix OOB read in indx_insert_into_buffer
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix OOB read in indx_insert_into_buffer
Syzbot reported a OOB read bug:
BUG: KASAN: slab-out-of-bounds in indx_insert_into_buffer+0xaa3/0x13b0
fs/ntfs3/index.c:1755
Read of size 17168 at addr ffff8880255e06c0 by task syz-executor308/3630
Call Trace:
memmove+0x25/0x60 mm/kasan/shadow.c:54
indx_insert_into_buffer+0xaa3/0x13b0 fs/ntfs3/index.c:1755
indx_insert_entry+0x446/0x6b0 fs/ntfs3/index.c:1863
ntfs_create_inode+0x1d3f/0x35c0 fs/ntfs3/inode.c:1548
ntfs_create+0x3e/0x60 fs/ntfs3/namei.c:100
lookup_open fs/namei.c:3413 [inline]
If the member struct INDEX_BUFFER *index of struct indx_node is
incorrect, that is, the value of __le32 used is greater than the va
OSV
phpMyFAQ Cross-site Scripting vulnerability
osv·2023-03-31
CVE-2023-1755 [MEDIUM] phpMyFAQ Cross-site Scripting vulnerability
phpMyFAQ Cross-site Scripting vulnerability
Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
GHSA
phpMyFAQ Cross-site Scripting vulnerability
ghsa·2023-03-31
CVE-2023-1755 [MEDIUM] CWE-79 phpMyFAQ Cross-site Scripting vulnerability
phpMyFAQ Cross-site Scripting vulnerability
Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
Red Hat
kernel: fs/ntfs3: Fix OOB read in indx_insert_into_buffer
vendor_redhat·2025-12-24
CVE-2023-54063 kernel: fs/ntfs3: Fix OOB read in indx_insert_into_buffer
kernel: fs/ntfs3: Fix OOB read in indx_insert_into_buffer
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix OOB read in indx_insert_into_buffer
Syzbot reported a OOB read bug:
BUG: KASAN: slab-out-of-bounds in indx_insert_into_buffer+0xaa3/0x13b0
fs/ntfs3/index.c:1755
Read of size 17168 at addr ffff8880255e06c0 by task syz-executor308/3630
Call Trace:
memmove+0x25/0x60 mm/kasan/shadow.c:54
indx_insert_into_buffer+0xaa3/0x13b0 fs/ntfs3/index.c:1755
indx_insert_entry+0x446/0x6b0 fs/ntfs3/index.c:1863
ntfs_create_inode+0x1d3f/0x35c0 fs/ntfs3/inode.c:1548
ntfs_create+0x3e/0x60 fs/ntfs3/namei.c:100
lookup_open fs/namei.c:3413 [inline]
If the member struct INDEX_BUFFER *index of struct indx_node is
incorrect, that is, the value of __le32 used is greater than the
No detection rules found.
No public exploits indexed.
2023-03-31
Published