Product
phpMyFAQ is vulnerable to SQL injection due to the `setTokenData` function failing to sanitize OAuth token fields from Azure AD JWT claims, potentially allowing attackers to execute arbitrary SQL commands via crafted Azure AD display names or custom claims.
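The class of bug described above, as an added example that is not phpMyFAQ's own code: JWT claim values written to a token table by string concatenation, next to the same write with bound parameters. The `oauth_token` table, its columns, both function names and the claim values are hypothetical and constructed for illustration; PDO with in-memory SQLite is assumed so the script runs offline.

```php
<?php
declare(strict_types=1);

// Hypothetical schema standing in for a per-session OAuth token store.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE oauth_token (session_id TEXT PRIMARY KEY, name TEXT, jwt TEXT)');

// Constructed claims as they would look after JWT decoding. Signature
// validation proves who issued the token, not that its strings are SQL-safe.
$claims = ['name' => "Pat O'Brien", 'preferred_username' => 'pat@example.test'];

// Vulnerable pattern: claim values are concatenated into the statement text.
function storeTokenConcat(PDO $db, string $sid, array $claims): void
{
    $json = json_encode($claims);
    $db->exec("INSERT INTO oauth_token (session_id, name, jwt) VALUES ('$sid', '{$claims['name']}', '$json')");
}

// Hardened pattern: values travel as bound parameters, never as SQL text.
function storeTokenBound(PDO $db, string $sid, array $claims): void
{
    $stmt = $db->prepare('INSERT INTO oauth_token (session_id, name, jwt) VALUES (:sid, :name, :jwt)');
    $stmt->execute([
        ':sid'  => $sid,
        ':name' => $claims['name'],
        ':jwt'  => json_encode($claims, JSON_THROW_ON_ERROR),
    ]);
}

try {
    storeTokenConcat($db, 'sess-1', $claims);
} catch (PDOException $e) {
    // The apostrophe in the display name closes the string literal early.
    echo "concatenated: ", $e->getMessage(), PHP_EOL;
}

storeTokenBound($db, 'sess-2', $claims);
$row = $db->query("SELECT name FROM oauth_token WHERE session_id = 'sess-2'")->fetch(PDO::FETCH_ASSOC);
echo "bound: ", $row['name'], PHP_EOL;
```

An ordinary display name containing an apostrophe is enough to break the concatenated statement, which makes it a cheap regression test for any code path that persists identity-provider claims.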