CVE-2023-45542

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Oct 16, 2023

Updated: Oct 19, 2023

CWE ID 79

Summary

CVE-2023-45542 is a Cross-Site Scripting (XSS) vulnerability affecting mooSocial version 3.1.8. An attacker can exploit this flaw by injecting malicious scripts through the q parameter in the Search function. Successful exploitation allows the attacker to gain unauthorized access to sensitive user information. This vulnerability poses a significant risk, as it can be triggered through simple search queries, potentially leading to data theft or further compromise. Users are advised to update their mooSocial installation as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s8JOGv
https://www.cve.org/CVERecord?id=CVE-2023-45542
https://nvd.nist.gov/vuln/detail/CVE-2023-45542

Back to Vulnerability Database

CVE-2023-45542

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations