What is GHSA-h36g-93qx-rxgr?

GHSA-h36g-93qx-rxgr is a security advisory published by GitHub Security Advisories with Medium severity. phpMyFAQ: Stored XSS in FAQ Question/Answer via Encode-Decode Bypass of removeAttributes() Sanitization

Which CVE IDs does GHSA-h36g-93qx-rxgr cover?

GHSA-h36g-93qx-rxgr covers the following CVE IDs: CVE-2026-46363. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-h36g-93qx-rxgr?

GHSA-h36g-93qx-rxgr has a CVSS v3 base score of 5.4, published by GitHub Security Advisories.

Which products are affected by GHSA-h36g-93qx-rxgr?

GHSA-h36g-93qx-rxgr affects 2 products, including: composer/phpMyFAQ/phpMyFAQ:\u003c 4.1.2; composer/thorsten/phpMyFAQ:\u003c 4.1.2.

GHSA-h36g-93qx-rxgrMediumCVSS 5.4

phpMyFAQ: Stored XSS in FAQ Question/Answer via Encode-Decode Bypass of removeAttributes() Sanitization

Vendor

GitHub Security Advisories

Published

May 15, 2026

Last Modified

May 21, 2026

🔗 CVE IDs covered (1)

CVE-2026-46363 →

📋 Description

phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in FAQ creation and update endpoints that bypass sanitization through encode-decode cycles. The vulnerability allows authenticated attackers with FAQ_ADD permission to inject malicious script tags via question or answer parameters, which execute in every visitor's browser when FAQ content is rendered with the raw Twig filter.

🎯 Affected products2

composer/phpMyFAQ/phpMyFAQ:< 4.1.2
composer/thorsten/phpMyFAQ:< 4.1.2

🔗 References (4)

https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-f5p7-2c9q-8896
https://nvd.nist.gov/vuln/detail/CVE-2026-46363
https://www.vulncheck.com/advisories/phpmyfaq-stored-xss-in-faq-question-answer-via-encode-decode-bypass
https://github.com/advisories/GHSA-h36g-93qx-rxgr