CVE-2023-3848

EIP tracks 1 public exploit for CVE-2023-3848. A Nuclei detection template is also available.

AI-analyzed exploit summary The exploit demonstrates multiple reflected XSS vulnerabilities in mooDating 1.2 by injecting malicious payloads into URL parameters across various endpoints. The payloads use standard XSS techniques (e.g., `<img src=a onerror=alert(1)>`) to trigger arbitrary JavaScript execution.

A vulnerability, which was classified as problematic, has been found in mooSocial mooDating 1.2. This issue affects some unknown processing of the file /users/view of the component URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-235199. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.