CVE-2023-3847 LOW

CVE-2023-3847: mooSocial mooDating URL users cross site scripting

Vendor Moosocial

Product mooDating

Weakness CWE-79 · XSS

Published July 23, 2023

Last update August 21, 2025

View on NVD All CVEs

CVSS base score

3.5/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability classified as problematic was found in mooSocial mooDating 1.2. This vulnerability affects unknown code of the file /users of the component URL Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. VDB-235198 is the identifier assigned to this vulnerability. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

Key dates

02Disclosure timeline

July 23, 2023 CVE published

August 21, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-3847 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-31085 WordPress Post-Plugin Library plugin <= 2.6.2.1 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2024-11869 Buk for WordPress <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2021-24426 Backup by 10Web <= 1.0.20 - Reflected Cross-Site Scripting (XSS) CVE-2025-59996 Junos Space: Configuration View page is vulnerable to reflected cross-site script injection CVE-2025-6452 CodeAstro Patient Record Management System Generate New Report Page cross site scripting