Description
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, there is a stored XSS vulnerability via Regex Bypass in Filter::removeAttributes(). This issue has been patched in version 4.1.1.
Published: 2026-04-02
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Stored XSS
Action: Patch Immediately
AI Analysis

Impact

The vulnerability arises from a regex bypass flaw in the Filter::removeAttributes() routine of phpMyFAQ, allowing attackers to embed malicious JavaScript into data that is stored in the database and later rendered in web pages. When an end user views affected content, the injected script executes in their browser, providing client‑side code execution that can harvest session cookies, deface the site, or launch phishing attacks.

Affected Systems

The open source FAQ web application phpMyFAQ, produced by thorsten, is affected in every release before version 4.1.1. The flaw is present wherever user-supplied content is stored without proper attribute removal.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate severity, while the EPSS score of less than 1% suggests a low probability of exploitation. The vulnerability is not documented in the CISA KEV catalog. Exploitation requires an attacker to inject malicious content into a stored field, such as an FAQ entry or comment, which then triggers when any user loads the page. Successful exploitation would grant only client‑side control, not system‑level access.

Generated by OpenCVE AI on April 7, 2026 at 19:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade phpMyFAQ to version 4.1.1 or later


Tracking


Advisories
Source | ID | Title
Github GHSA | GHSA-cv2g-8cj8-vgc7 | phpMyFAQ: Stored XSS via Regex Bypass in Filter::removeAttributes()
History

Tue, 07 Apr 2026 15:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Phpmyfaq; Phpmyfaq phpmyfaq
CPEs | | cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:*
Vendors & Products | | Phpmyfaq; Phpmyfaq phpmyfaq

Thu, 02 Apr 2026 20:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Thorsten; Thorsten phpmyfaq
Vendors & Products | | Thorsten; Thorsten phpmyfaq

Thu, 02 Apr 2026 15:15:00 +0000

Type | Values Removed | Values Added
Description | | phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, there is a stored XSS vulnerability via Regex Bypass in Filter::removeAttributes(). This issue has been patched in version 4.1.1.
Title | | phpMyFAQ: Stored XSS via Regex Bypass in Filter::removeAttributes()
Weaknesses | | CWE-79
References | |
Metrics | | cvssV3_1: {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-02T18:44:47.729Z

Reserved: 2026-03-30T18:41:20.754Z

Link: CVE-2026-34729

Vulnrichment

No data.

NVD

Status: Analyzed

Published: 2026-04-02T15:16:42.393

Modified: 2026-04-07T14:52:49.477

Link: CVE-2026-34729

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-08T19:55:44Z

Weaknesses