CVE-2023-3846

EIP tracks 1 public exploit for CVE-2023-3846. A Nuclei detection template is also available.

AI-analyzed exploit summary The exploit demonstrates multiple reflected XSS vulnerabilities in mooDating 1.2 by providing crafted URLs with malicious payloads. The payloads inject JavaScript via the 'onerror' event of an image tag, confirming the vulnerability.

A vulnerability classified as problematic has been found in mooSocial mooDating 1.2. This affects an unknown part of the file /pages of the component URL Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235197 was assigned to this vulnerability. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.