CVE-2023-43325

EIP tracks 1 public exploit for CVE-2023-43325. PoCs published by ahrixia. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository provides a functional proof-of-concept for CVE-2023-43325, a reflected XSS vulnerability in mooSocial v3.1.8. The exploit leverages the `data[redirect_url]` parameter during user login to inject malicious JavaScript payloads, allowing session cookie theft.

A reflected cross-site scripting (XSS) vulnerability in the data[redirect_url] parameter of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL.