[CRITICAL] phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id

PKSA-q6mm-vp1w-mgjs GHSA-9pq7-mfwh-xx2j

Affected package: thorsten/phpmyfaq

Affected version: <=4.1.1

Reported by:
GitHub