[CRITICAL] phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id

PKSA-6pt5-mfr3-5b72 GHSA-9pq7-mfwh-xx2j

Affected package: phpmyfaq/phpmyfaq

Affected version: <=4.1.1

Reported by:
GitHub