AI Score
Confidence
High
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
A reflected cross-site scripting (XSS) vulnerability in the data[redirect_url] parameter of mooSocial v3.1.8 allows attackers to steal user’s session cookies and impersonate their account via a crafted URL.
github.com/ahrixia/CVE-2023-43325
moosocial.com/
travel.moosocial.com/