Security Advisory 2014-11-30

Clickjacking vulnerability in phpMyFAQ 2.8

Issued on: 2014-11-30
Software: phpMyFAQ <= 2.8.17
Risk: High
Platforms: all

The phpMyFAQ Team has learned of a clickjacking issue that has been discovered in phpMyFAQ 2.8.17 and earlier.

Description

phpMyFAQ 2.8.17 and earlier are vulnerable to clickjacking on all pages: phpMyFAQ can be loaded in an iframe, which can be used to trick a user into performing undesired actions by clicking on a concealed link.
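
Whether a browser will render a page inside another site's frame is decided by the anti-framing headers on the response. The following added example (not phpMyFAQ code, and not a statement of how 2.8.18 implements the fix) classifies a response from its X-Frame-Options and Content-Security-Policy frame-ancestors headers; the function names and the sample headers are constructed for illustration.

```python
# Added example: classify whether a response can be framed by another origin.
# The sample headers below are constructed, not captured from phpMyFAQ.
RANK = {"frameable": 0, "allowlist": 1, "sameorigin": 2, "deny": 3}

def _ancestors_verdict(sources):
    """Map one frame-ancestors source list to a verdict."""
    if not sources or sources == ["'none'"]:
        return "deny"                          # an empty list behaves like 'none'
    if any(s in ("*", "http:", "https:") for s in sources):
        return "frameable"                     # wildcard or bare scheme: any site
    return "sameorigin" if sources == ["'self'"] else "allowlist"

def framing_verdict(headers):
    """headers: (name, value) pairs as received. Returns one of the RANK keys."""
    xfo, csp = set(), []
    for name, value in headers:
        name = name.lower()
        if name == "x-frame-options":
            xfo.update(v.strip().lower() for v in value.split(",") if v.strip())
        elif name == "content-security-policy":   # the -Report-Only variant never blocks
            for policy in value.split(","):       # one header may carry several policies
                for directive in policy.split(";"):
                    tokens = directive.lower().split()
                    if tokens and tokens[0] == "frame-ancestors":
                        csp.append(_ancestors_verdict(tokens[1:]))
                        break                     # later duplicates in a policy are ignored
    if csp:
        # Every enforced policy must allow the embedder, so the strictest decides;
        # browsers that honour frame-ancestors ignore X-Frame-Options.
        return max(csp, key=RANK.get)
    if len(xfo) > 1 and xfo & {"deny", "sameorigin", "allowall"}:
        return "deny"          # HTML Standard: conflicting values block framing
    if xfo == {"deny"}:
        return "deny"
    if xfo == {"sameorigin"}:
        return "sameorigin"
    return "frameable"         # absent, ALLOW-FROM or unknown values give no protection

SAMPLES = {
    "no headers": [("Content-Type", "text/html")],
    "xfo": [("X-Frame-Options", "SAMEORIGIN")],
    "report-only": [("Content-Security-Policy-Report-Only", "frame-ancestors 'none'")],
    "csp over xfo": [("X-Frame-Options", "DENY"),
                     ("Content-Security-Policy", "default-src 'self'; frame-ancestors https://portal.example")],
}

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        print(f"{label:14} -> {framing_verdict(hdrs)}")
```

A verdict of `frameable` on any page that performs state-changing actions means that page can still be embedded by an arbitrary site.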

Solution

The phpMyFAQ Team has released phpMyFAQ version 2.8.18 which fixes the vulnerability. All users of affected phpMyFAQ versions are encouraged to upgrade as soon as possible to this latest version.

Workaround

There's no workaround except installing phpMyFAQ 2.8.18.

Thanks

The phpMyFAQ team would like to thank Narendra Bhati for the responsible disclosure of this vulnerability.
