phpMyFAQ User Interface (UI) Misrepresentation of Critical Information Vulnerability - CVE-2024-55889

phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10 a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim39s machine upon page visit by embedding it in an ltiframegt element without user interaction or explicit consent. Version 3.2.10 fixes the issue.