CVE-2026-34974 | thorsten phpMyFAQ up to 4.1.0 SVG SvgSanitizer.php edit_faq cross site scripting (GHSA-5crx-pfhq-4hgg)

A vulnerability categorized as problematic has been discovered in thorsten phpMyFAQ up to 4.1.0. Affected by this issue is the function edit_faq of the file SvgSanitizer.php of the component SVG Handler. The manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2026-34974. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More