[MEDIUM] phpMyFAQ: Stored XSS in FAQ Question/Answer via Encode-Decode Bypass of removeAttributes() Sanitization

PKSA-s9c3-zvvd-d3x2 CVE-2026-46363 GHSA-h36g-93qx-rxgr

Affected package: phpmyfaq/phpmyfaq

Affected version: <4.1.2

Reported by:
GitHub