CVE-2023-40869

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Sep 14, 2023

Updated: Sep 20, 2023

CWE ID 79

Summary

CVE-2023-40869 is a Cross-Site Scripting (XSS) vulnerability affecting mooSocial Software versions 3.1.6 and 3.1.7. This issue enables remote attackers to inject and execute malicious scripts on targeted websites. Specifically, the vulnerability lies in the edit_menu, copuon, and group_categorias functions, granting attackers the ability to steal user data or even take control of user sessions. A successful attack could lead to serious consequences, including unauthorized access, data theft, or website defacement. It is highly recommended that affected users update their software to the latest version, or implement appropriate XSS protection measures to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Predator Still Active, with New Client and Corporate Links Identified

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Know What Matters

For Customers

For Partners

CVE-2023-40869

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations