GHSA-p57w-9q28-j6v7

Source

https://github.com/advisories/GHSA-p57w-9q28-j6v7

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-p57w-9q28-j6v7/GHSA-p57w-9q28-j6v7.json

JSON Data

https://api.test.osv.dev/v1/vulns/GHSA-p57w-9q28-j6v7

Aliases

CVE-2018-16650

Published

2022-05-14T02:02:33Z

Modified

2023-11-01T04:49:07.261627Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

phpMyFAQ CSRF

Details

phpMyFAQ before 2.9.11 allows CSRF.

Database specific

{
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-25T18:43:01Z",
    "severity": "HIGH",
    "cwe_ids": [
        "CWE-352"
    ],
    "nvd_published_at": "2018-09-07T05:29:00Z"
}

References

Affected packages

Packagist / thorsten/phpmyfaq

Package

Name: thorsten/phpmyfaq
Purl: pkg:composer/thorsten/phpmyfaq

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.11

Affected versions

2.*

2.8.0-alpha2

2.8.0-alpha3

2.8.0-beta

2.8.0-beta2

2.8.0-beta3

2.8.0-RC

2.8.0-RC2

2.8.0-RC3

2.8.0-RC4

2.8.0

2.8.1

2.8.2

2.8.3

2.8.4

2.8.5

2.8.6

2.8.7

2.8.8

2.8.9

2.8.10

2.8.11

2.8.12

2.8.13

2.8.14

2.8.15

2.8.16

2.8.17

2.8.18

2.8.19

2.8.20

2.8.21

2.8.22

2.8.23

2.8.24

2.8.25

2.8.26

2.8.27

2.8.28

2.8.29

2.9.0-alpha

2.9.0-alpha2

2.9.0-alpha3

2.9.0-alpha4

2.9.0-beta

2.9.0-beta2

2.9.0-rc

2.9.0-rc2

2.9.0-rc3

2.9.0-rc4

2.9.0

2.9.1

2.9.2

2.9.3

2.9.4

2.9.5

2.9.6

2.9.7

2.9.8

2.9.9

2.9.10

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-p57w-9q28-j6v7/GHSA-p57w-9q28-j6v7.json"