mooSocial mooStore cross site scripting
CVE-2023-4174

3.5LOW

Key Information:

Vendor: Moosocial
Status: Moostore
Vendor: CVE Published:; 6 August 2023

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 57%

What is CVE-2023-4174?

A vulnerability has been found in mooSocial mooStore 3.1.6 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The identifier VDB-236209 was assigned to this vulnerability.

Affected Version(s)

mooStore 3.1.6

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-4174
Created by d0rb

References

https://vuldb.com/?id.236209

vdb-entrytechnical-description

https://vuldb.com/?ctiid.236209

signaturepermissions-required

http://packetstormsecurity.com/files/174017/Social-Commer...

EPSS Score

57% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Aug 11, 2023
👾
Exploit known to exist
Aug 11, 2023
Vulnerability published
Aug 6, 2023
Vulnerability Reserved
Aug 5, 2023

Credit

skalvin (VulDB User)

CVE-2023-4174 Data

JSON

Moosocial