Vulnerability Description
phpMyFAQ is an open source FAQ web application. In versions 4.0.16 and below, multiple public API endpoints improperly expose sensitive user information due to insufficient access controls. The OpenQuestionController::list() endpoint calls Question::getAll() with showAll=true by default, returning records marked as non-public (isVisible=false) along with user email addresses, with similar exposures present in comment, news, and FAQ APIs. This information disclosure vulnerability could enable attackers to harvest email addresses for phishing campaigns or access content that was explicitly marked as private. This issue has been fixed in version 4.0.17.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpmyfaq | Phpmyfaq | < 4.0.17 |
Related Weaknesses (CWE)
References
- https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-j4rc-96xj-gvqcExploitVendor Advisory
FAQ
What is CVE-2026-24422?
CVE-2026-24422 is a vulnerability with a CVSS score of 5.3 (MEDIUM). phpMyFAQ is an open source FAQ web application. In versions 4.0.16 and below, multiple public API endpoints improperly expose sensitive user information due to insufficient access controls. The OpenQu...
How severe is CVE-2026-24422?
CVE-2026-24422 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-24422?
Check the references section above for vendor advisories and patch information. Affected products include: Phpmyfaq Phpmyfaq.