Vulnerabilities > Moosocial > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-16 | CVE-2023-45542 | Cross-site Scripting vulnerability in Moosocial 3.1.8 Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function. | 6.1 |
| 2023-10-09 | CVE-2023-44812 | Cross-site Scripting vulnerability in Moosocial 3.1.8 Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the admin_redirect_url parameter of the user login function. | 6.1 |
| 2023-10-09 | CVE-2023-44813 | Cross-site Scripting vulnerability in Moosocial 3.1.8 Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function. | 6.1 |
| 2023-09-28 | CVE-2023-43323 | Unspecified vulnerability in Moosocial 3.1.8 mooSocial 3.1.8 is vulnerable to external service interaction on post function. | 6.5 |
| 2023-09-26 | CVE-2023-43325 | Cross-site Scripting vulnerability in Moosocial 3.1.8 A reflected cross-site scripting (XSS) vulnerability in the data[redirect_url] parameter of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL. | 6.1 |
| 2023-09-25 | CVE-2023-43326 | Cross-site Scripting vulnerability in Moosocial 3.1.8 A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL. | 6.1 |
| 2023-09-14 | CVE-2023-40869 | Cross-site Scripting vulnerability in Moosocial 3.1.6/3.1.7 Cross Site Scripting vulnerability in mooSocial mooSocial Software 3.1.6 and 3.1.7 allows a remote attacker to execute arbitrary code via a crafted script to the edit_menu, copuon, and group_categorias functions. | 6.1 |
| 2023-08-06 | CVE-2023-4175 | Cross-site Scripting vulnerability in Moosocial Mootravel 3.1.8 A vulnerability was found in mooSocial mooTravel 3.1.8 and classified as problematic. | 6.1 |
| 2023-08-06 | CVE-2023-4174 | Cross-site Scripting vulnerability in Moosocial Moostore 3.1.6 A vulnerability has been found in mooSocial mooStore 3.1.6 and classified as problematic. | 6.1 |
| 2023-08-06 | CVE-2023-4173 | Cross-site Scripting vulnerability in Moosocial Moostore 3.1.6 A vulnerability, which was classified as problematic, was found in mooSocial mooStore 3.1.6. | 6.1 |