CVE-2023-4174
Published 2023-08-06
Priority: P3 · 41 · medium · 6.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EXPLOIT
EPSS: 5.27% (91.5th percentile)
A vulnerability has been found in mooSocial mooStore 3.1.6 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The identifier VDB-236209 was assigned to this vulnerability.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moosocial | moostore | — | — |
Detection & IOCs
url: /stores[XSS]/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent
bytes: j8chn">ridxm
yara / Nuclei template:

```yaml
id: CVE-2023-4174

info:
  name: mooSocial 3.1.6 - Reflected Cross Site Scripting
  author: momika233
  severity: medium

http:
  - method: GET
    path:
      - '{{BaseURL}}/search/index?q=">ridxm'
      - '{{BaseURL}}/stores">ridxm/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent'
      - '{{BaseURL}}/user_info">ridxm/index/friends'
      - '{{BaseURL}}/faqs">ridxm/index?content_search=">ridxm'
      - '{{BaseURL}}/classifieds">ridxm/search?category=1'
    matchers:
      - type: word
        part: body
        words:
          - "ridxm"
          - "mooSocial"
        condition: and
      - type: word
        part: header
        words:
          - "text/html"
```

- Reflected XSS via GET parameter 'q' in /search/index endpoint; look for unencoded angle brackets/quotes in the 'q' parameter in HTTP requests.
- Reflected XSS injected directly into URL path segments (not query string) for /stores, /user_info, /faqs, and /classifieds routes; monitor for special characters such as "> in URL path components.
- Nuclei template detection: match response body containing both 'ridxm' and 'mooSocial' strings with Content-Type text/html header to confirm exploitation.
- Identify mooSocial mooStore instances via Shodan favicon hash 702863115 or FOFA icon_hash query for attack surface enumeration.
- The /classifieds[XSS]/search?category=1 path is also a vulnerable injection point, covered in the Nuclei template but not listed in the Exploit-DB PoC paths.
- The Nuclei template uses stop-at-first-match, meaning only the first vulnerable endpoint will be confirmed per scan run; all five paths should be tested individually for full coverage.
- The XSS probe string 'ridxm' is a canary token specific to this PoC/template; defenders should not rely solely on this string for detection as attackers will use different payloads in the wild.
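The log-side checks from the notes above, as an added example (not part of the source page, the Exploit-DB entry or the Nuclei template): it flags requests where `"`, `<` or `>` appears, after percent-decoding, in the first path segment of the four routes or in the `q` / `content_search` parameters, independent of the 'ridxm' canary. The combined log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote

# Routes and parameters named on this page for CVE-2023-4174.
PATH_ROUTES = ("stores", "user_info", "faqs", "classifieds")
QUERY_PARAMS = {"/search/index": ("q",), "/faqs/index": ("content_search",)}
MARKUP = re.compile(r'["<>]')  # characters that break out of an HTML attribute
REQUEST = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/\d(?:\.\d)?"')


def decode(value, rounds=2):
    """Percent-decode `rounds` times so double encoding is caught."""
    for _ in range(rounds):
        value = unquote(value)
    return value


def findings(target):
    """Return the reasons a request target matches the patterns above."""
    raw_path, _, raw_query = target.partition("?")
    segments = [decode(s) for s in raw_path.split("/") if s]
    first = segments[0] if segments else ""
    hits = [f"markup in /{route} path segment" for route in PATH_ROUTES
            if first.startswith(route) and MARKUP.search(first)]
    # Drop everything from the first markup character to recover the endpoint.
    endpoint = "/" + "/".join(MARKUP.split(s)[0] for s in segments[:2])
    for name, value in parse_qsl(raw_query, keep_blank_values=True):
        # parse_qsl already decoded once; decode once more for double encoding.
        if name in QUERY_PARAMS.get(endpoint, ()) and MARKUP.search(decode(value, 1)):
            hits.append(f"markup in '{name}' parameter of {endpoint}")
    return hits


def scan(lines):
    """Return (line_number, reason) pairs for suspicious access-log lines."""
    results = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if match:
            results.extend((number, r) for r in findings(match.group(1)))
    return results


# Constructed sample lines in combined log format, not real traffic.
SAMPLE = [
    '198.51.100.7 - - [08/Aug/2023:10:00:01 +0000] "GET /stores/all-products?store_id=3 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [08/Aug/2023:10:00:02 +0000] "GET /stores%22%3Etest/all-products?store_id= HTTP/1.1" 200 5200',
    '203.0.113.9 - - [08/Aug/2023:10:00:03 +0000] "GET /search/index?q=%2522%253Etest HTTP/1.1" 200 4800',
]
print(scan(SAMPLE))
```

A hit only shows that markup characters reached one of the affected routes; whether the response reflected them unencoded still has to be checked against the response body.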
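CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | v2.0 | 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:N/I:P/A:N |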
No detection rules found.
Exploit-DB
Social-Commerce 3.1.6 - Reflected XSS
exploitdb·2023-08-08·CVSS 3.5
CVE-2023-4174 [LOW] Social-Commerce 3.1.6 - Reflected XSS
---
# Exploit Title: Social-Commerce 3.1.6 - Reflected XSS
# Exploit Author: CraCkEr
# Date: 28/07/2023
# Vendor: mooSocial
# Vendor Homepage: https://moosocial.com/
# Software Link: https://social-commerce.moosocial.com/
# Version: 3.1.6
# Tested on: Windows 10 Pro
# Impact: Manipulate the content of the site
# CVE: CVE-2023-4174
## Greetings
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushka
CryptoJob (Twitter) twitter.com/0x0CryptoJob
## Description
The attacker can send the victim a link containing a malicious URL in an email or instant message
and can perform a wide variety of actions, such as stealing the victim's session token or login credentials
Path: /search/index
GET parameter 'q' is vulnerable to XSS
h
Nuclei
mooSocial 3.1.6 - Reflected Cross Site Scripting
nuclei·CVSS 6.1
CVE-2023-4174 [MEDIUM] mooSocial 3.1.6 - Reflected Cross Site Scripting
A vulnerability has been found in mooSocial mooStore 3.1.6 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely.
Template:
```yaml
id: CVE-2023-4174

info:
  name: mooSocial 3.1.6 - Reflected Cross Site Scripting
  author: momika233
  severity: medium
  description: |
    A vulnerability has been found in mooSocial mooStore 3.1.6 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute malicious scripts in the victim's browser, pote
```
- http://packetstormsecurity.com/files/174017/Social-Commerce-3.1.6-Cross-Site-Scripting.html
- https://vuldb.com/?ctiid.236209
- https://vuldb.com/?id.236209
Published: 2023-08-06