CVE-2023-3843 PoC — mooSocial mooDating 跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-3843.yaml

Associated Vulnerability

Title:mooSocial mooDating 跨站脚本漏洞 (CVE-2023-3843)
Description:mooSocial mooDating是mooSocial公司的一个约会应用程序。 mooSocial mooDating 1.2版本存在跨站脚本漏洞，该漏洞源于文件/matchmakings/question存在跨站脚本（XSS）漏洞。

Description

A vulnerability was found in mooSocial mooDating 1.2. It has been classified as problematic. Affected is an unknown function of the file /matchmakings/question of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-235194 is the identifier assigned to this vulnerability. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

File Snapshot


 id: CVE-2023-3843

info:
  name: mooDating 1.2 - Cross-site scripting
  author: r3Y3r53
  severity: 

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!