ahrixia/CVE-2023-43325
GitHub
Releases0
mooSocial v3.1.8 is vulnerable to cross-site scripting on user login function.
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 6.1 MEDIUM | — | ||
A reflected cross-site scripting (XSS) vulnerability in the data[redirect_url] parameter of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL. | |||