CVE-2026-24422
BaseFortify

Publication date: 2026-01-24

Last updated on: 2026-01-28

Assigner: GitHub, Inc.

Description
phpMyFAQ is an open source FAQ web application. In versions 4.0.16 and below, multiple public API endpoints improperly expose sensitive user information due to insufficient access controls. The OpenQuestionController::list() endpoint calls Question::getAll() with showAll=true by default, returning records marked as non-public (isVisible=false) along with user email addresses, with similar exposures present in comment, news, and FAQ APIs. This information disclosure vulnerability could enable attackers to harvest email addresses for phishing campaigns or access content that was explicitly marked as private. This issue has been fixed in version 4.0.17.
Meta Information
Generated: 2026-05-07
AI Q&A: 2026-01-24
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor: phpmyfaq
Product: phpmyfaq
Version / Range: below 4.0.17 (4.0.17 excluded)
CWE
CWE-200: The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
NVD-CWE-noinfo: Insufficient Information (NVD placeholder used when no specific CWE has been assigned)
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in phpMyFAQ version 4.0.16 and below involves multiple public API endpoints that improperly expose sensitive user information due to insufficient access controls. Specifically, the OpenQuestionController::list() endpoint calls Question::getAll() with showAll=true by default, which returns records marked as non-public (isVisible=false) along with user email addresses. Similar exposures occur in comment, news, and FAQ APIs. This leads to unintended disclosure of private content and user email addresses. [1]


How can this vulnerability impact me?

This vulnerability can impact you by exposing sensitive user information such as email addresses and private content that was meant to be hidden. Attackers could harvest these email addresses for phishing campaigns or scrape confidential data, leading to privacy breaches and potential targeted attacks. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by sending requests to the public API endpoints of phpMyFAQ version 4.0.16 or below, specifically the open-questions API endpoint (OpenQuestionController::list()). If the response includes non-public records (isVisible=false) and user email addresses, the system is vulnerable. A simple detection command could be a curl request such as curl -X GET https://your-phpmyfaq-domain/api/open-questions, followed by inspecting the response for sensitive data exposure. [1]
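As an added, offline check (not from the advisory or from phpMyFAQ's own code): given a saved JSON response from the open-questions endpoint, report whether it contains records marked non-public or any email addresses, which is what an unauthenticated caller should never receive. The record layout and the field names isVisible and email are assumptions, and the sample response below is constructed for illustration.

```python
import json
import re

# Constructed sample of a leaky open-questions response (not real data).
# The keys "isVisible" and "email" are assumptions; compare against the
# actual keys your instance returns.
SAMPLE_RESPONSE = json.dumps([
    {"id": 1, "question": "How do I reset my password?",
     "isVisible": True, "email": "alice@example.org"},
    {"id": 2, "question": "Internal: licensing question",
     "isVisible": False, "email": "bob@example.org"},
    {"id": 3, "question": "Public question, no contact", "isVisible": True},
])

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def audit_open_questions(body: str) -> dict:
    """Summarise what an unauthenticated response exposes.

    Returns the number of records, how many are marked non-public, the
    distinct email addresses found in any string field, and an overall
    'exposed' flag. A patched instance (4.0.17 or later) is expected to
    return no hidden records and no email addresses to anonymous callers.
    """
    records = json.loads(body)
    if isinstance(records, dict):
        # Accept either a bare list or a wrapper object holding the list.
        records = next((v for v in records.values() if isinstance(v, list)), [])

    # Treat any present-but-falsy visibility marker (False, 0, "") as hidden.
    hidden = [r for r in records if "isVisible" in r and not r["isVisible"]]

    # Scan every string value, so the check does not depend on the email key name.
    emails = set()
    for rec in records:
        for value in rec.values():
            if isinstance(value, str):
                emails.update(EMAIL_RE.findall(value))

    return {
        "records": len(records),
        "hidden": len(hidden),
        "emails": sorted(emails),
        "exposed": bool(hidden) or bool(emails),
    }


if __name__ == "__main__":
    print(audit_open_questions(SAMPLE_RESPONSE))
```

Feed it the body saved from the curl request above; a result with hidden == 0 and an empty email list is the expected state after upgrading to 4.0.17.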


What immediate steps should I take to mitigate this vulnerability?

The immediate step to mitigate this vulnerability is to upgrade phpMyFAQ to version 4.0.17 or later, where the issue has been fixed. Until the upgrade is applied, restrict access to the affected API endpoints or implement additional access controls to prevent unauthorized data exposure. [1]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability causes improper exposure of sensitive user information, including email addresses and non-public content, which constitutes a privacy breach. Such exposure could lead to violations of data protection regulations like GDPR or HIPAA by failing to adequately protect personal data and confidential information. Attackers could exploit this to harvest emails for phishing or access private content, increasing the risk of non-compliance with privacy and data security requirements. [1]

