
CVE-2023-0306: phpMyFAQ Stored Cross-site Scripting vulnerability

CVSS Score: 5.4 (CVSS 3.1)

Basic Information

EPSS Score: 0.24242%
Published: 1/16/2023
Updated: 1/23/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Package Name: thorsten/phpmyfaq
Ecosystem: composer
Vulnerable Versions: < 3.1.10
First Patched Version: 3.1.10

Vulnerability Intelligence
Root Cause Analysis

The patch adds HTML entity escaping to multiple output locations. The vulnerable functions were identified by analyzing where raw user-controlled data (FAQ entries, titles, tags) was embedded directly in HTML contexts without proper sanitization. Class methods such as Faq::getLatest and the Tags rendering methods were clearly vulnerable because they handled user-generated content and passed it to templates without encoding. The admin interface scripts (record.edit.php and record.show.php) also contained vulnerable outputs, but these were template-level injections rather than discrete functions.
