CVE-2023-3535
LowCVSS 3.5Exploitation Probability (EPSS)
Low risk23th percentile — higher than 23% of all known CVEs
Summary
A vulnerability was found in SimplePHPscripts FAQ Script PHP 2.3, affecting an unknown functionality of the file /preview.php in the URL Parameter Handler component. The manipulation leads to cross site scripting.
Risk Assessment
An attacker can remotely exploit this vulnerability, potentially leading to user data theft or session hijacking.
Recommendation
It is recommended to update the script to the latest version and implement input data filtering to minimize the risk of XSS attacks.
Original NVD description (English source)
A vulnerability was found in SimplePHPscripts FAQ Script PHP 2.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-233287.

