CVE-2024-56199
published 2025-01-02CVE-2024-56199: phpMyFAQ is an open source FAQ web application. Starting no later than version 3.2.10 and prior to version 4.0.2, an attacker can inject malicious HTML content…
PriorityP336high7.6CVSS 3.1
AVNACLPRLUIRSCCNILAH
EPSS
0.40%
31.4th percentile
phpMyFAQ is an open source FAQ web application. Starting no later than version 3.2.10 and prior to version 4.0.2, an attacker can inject malicious HTML content into the FAQ editor at `http[:]//localhost/admin/index[.]php?action=editentry`, resulting in a complete disruption of the FAQ page's user interface. By injecting malformed HTML elements styled to cover the entire screen, an attacker can render the page unusable. This injection manipulates the page structure by introducing overlapping buttons, images, and iframes, breaking the intended layout and functionality. Exploiting this issue can lead to Denial of Service for legitimate users, damage to the user experience, and potential abuse in phishing or defacement attacks. Version 4.0.2 contains a patch for the vulnerability.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpmyfaq | phpmyfaq | >= 3.2.10 < 4.0.2 | 4.0.2 |
| phpmyfaq | phpmyfaq | 3.2.10 – 4.0.1 | — |
| thorsten | phpmyfaq | — | — |
| thorsten | phpmyfaq | 3.2.10 – 4.0.1 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
phpMyFAQ Vulnerable to Stored HTML Injection at FAQ
ghsa·2025-01-02
CVE-2024-56199 [MEDIUM] CWE-79 phpMyFAQ Vulnerable to Stored HTML Injection at FAQ
phpMyFAQ Vulnerable to Stored HTML Injection at FAQ
### Summary
Due to insufficient validation on the content of new FAQ posts, it is possible for authenticated users to inject malicious HTML or JavaScript code that can impact other users viewing the FAQ. This vulnerability arises when user-provided inputs in FAQ entries are not sanitized or escaped before being rendered on the page.
### Details
An attacker can inject malicious HTML content into the FAQ editor at http://localhost/admin/index.php?action=editentry, resulting in a complete disruption of the FAQ page's user interface. By injecting malformed HTML elements styled to cover the entire screen, an attacker can render the page unusable. This injection manipulates the page structure by introducing overlapping buttons, images, and if
OSV
phpMyFAQ Vulnerable to Stored HTML Injection at FAQ
osv·2025-01-02
CVE-2024-56199 [MEDIUM] phpMyFAQ Vulnerable to Stored HTML Injection at FAQ
phpMyFAQ Vulnerable to Stored HTML Injection at FAQ
### Summary
Due to insufficient validation on the content of new FAQ posts, it is possible for authenticated users to inject malicious HTML or JavaScript code that can impact other users viewing the FAQ. This vulnerability arises when user-provided inputs in FAQ entries are not sanitized or escaped before being rendered on the page.
### Details
An attacker can inject malicious HTML content into the FAQ editor at http://localhost/admin/index.php?action=editentry, resulting in a complete disruption of the FAQ page's user interface. By injecting malformed HTML elements styled to cover the entire screen, an attacker can render the page unusable. This injection manipulates the page structure by introducing overlapping buttons, images, and if
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-01-02
Published