CVE-2023-3844
LowCVSS 3.5Exploitation Probability (EPSS)
High risk88th percentile — higher than 88% of all known CVEs
Summary
A vulnerability was found in mooSocial mooDating 1.2 related to an unknown functionality of the file /friends in the URL Handler component. Manipulation of this functionality leads to cross-site scripting (XSS) attacks.
Risk Assessment
An attacker can remotely exploit this vulnerability, posing a risk of session hijacking or data theft.
Recommendation
It is recommended to update to the latest version of mooSocial mooDating to mitigate this vulnerability and to monitor the system for unauthorized activities.
Original NVD description (English source)
A vulnerability was found in mooSocial mooDating 1.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /friends of the component URL Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-235195. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

