CVE Catalog

CVE-2023-3847

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

High risk
3.65%

88th percentile — higher than 88% of all known CVEs

Summary

A vulnerability was found in mooSocial mooDating version 1.2 that allows cross site scripting (XSS) attacks through manipulation of code in the /users file of the URL Handler component. The attack can be initiated remotely.

Risk Assessment

This vulnerability could lead to session hijacking and data theft, posing a significant security risk to the organization.

Recommendation

It is recommended to update to the latest version of mooSocial mooDating and monitor the application for unauthorized activities.

Original NVD description (English source)

A vulnerability classified as problematic was found in mooSocial mooDating 1.2. This vulnerability affects unknown code of the file /users of the component URL Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. VDB-235198 is the identifier assigned to this vulnerability. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS