CVE Catalog

CVE-2023-3844

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

High risk
3.65%

88th percentile — higher than 88% of all known CVEs

Summary

A vulnerability was found in mooSocial mooDating 1.2 related to an unknown functionality of the file /friends in the URL Handler component. Manipulation of this functionality leads to cross-site scripting (XSS) attacks.

Risk Assessment

An attacker can remotely exploit this vulnerability, posing a risk of session hijacking or data theft.

Recommendation

It is recommended to update to the latest version of mooSocial mooDating to mitigate this vulnerability and to monitor the system for unauthorized activities.

Original NVD description (English source)

A vulnerability was found in mooSocial mooDating 1.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /friends of the component URL Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-235195. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS