CVE-2023-4174

moderate-risk
Published 2023-08-06

A vulnerability has been found in mooSocial mooStore 3.1.6 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The identifier VDB-236209 was assigned to this vulnerability.

Do I need to act?

!
58.8% chance of exploitation in next 30 days
EPSS score — higher than 41% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
51671
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.5/10 Low
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Moosocial

References (6)

Exploit http://packetstormsecurity.com/files/174017/Social-Commerce-3.1.6-Cross-Site-Scr...
Permissions Required https://vuldb.com/?ctiid.236209
Third Party Advisory https://vuldb.com/?id.236209
Exploit http://packetstormsecurity.com/files/174017/Social-Commerce-3.1.6-Cross-Site-Scr...
Permissions Required https://vuldb.com/?ctiid.236209
Third Party Advisory https://vuldb.com/?id.236209
46
/ 100
moderate-risk
Severity 16/34 · Moderate
Exploitability 25/34 · High
Exposure 5/34 · Minimal