Описание
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink].
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.68741
Средний
6.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-15
Связанные уязвимости
CVSS3: 6.5
github
больше 2 лет назад
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink].
EPSS
Процентиль: 99%
0.68741
Средний
6.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-15