CSRF Vulnerability in MooSocial v.3.1.8 Allows Remote Code Execution and Information Disclosure via Admin Password Change Function

CSRF Vulnerability in MooSocial v.3.1.8 Allows Remote Code Execution and Information Disclosure via Admin Password Change Function

CVE-2023-44811 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Cross Site Request Forgery (CSRF) vulnerability in MooSocial v.3.1.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the admin Password Change Function.

Learn more about our Social Engineering.