CVE-2022-34963

MEDIUM

Open Source Social Network 6.3 LTS - Stored Cross-Site Scripting via News Feed Module

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-34963. PoCs published by bypazs.

AI-analyzed exploit summary This repository provides a detailed technical explanation of a stored XSS vulnerability in OpenTeknik LLC OSSN v6.3 LTS, including attack vectors, payloads, and steps to exploit the vulnerability via the News Feed module.

Description

OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module.

Exploits (1)

nomisec WRITEUP
by bypazs · poc
https://github.com/bypazs/CVE-2022-34963

This repository provides a detailed technical explanation of a stored XSS vulnerability in OpenTeknik LLC OSSN v6.3 LTS, including attack vectors, payloads, and steps to exploit the vulnerability via the News Feed module.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS
Auth required
Prerequisites: Valid user account on the target OSSN instance · Access to the News Feed module
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v3 5.4
EPSS 0.0088
EPSS Percentile 54.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
openteknik/open_source_social_network 6.3
Published Jul 25, 2022
Tracked Since Feb 18, 2026