Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2026-34729 - Vulnerability Database
phpMyFAQ

phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2026-34729

Medium
Reference: CVE-2026-34729
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2026-34729
Title: phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1 there is a stored XSS vulnerability via Regex Bypass in Filter::removeAttributes(). This issue has been patched in version 4.1.1.