CVE-2023-43323

Medium

6.5/10

Summary

mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink].

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

References

Advisory Timeline

Published Sep 28, 2023

CVE-2023-43323

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS