PT-2023-28780 · Moosocial · Moosocial

Ahrixia · Published 2023-09-27 · Updated 2024-09-25 · CVE-2023-43323

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

mooSocial version 3.1.8

Description

The issue is an external service interaction in the post function. When the function is executed, the server sends HTTP and DNS requests to an external server. Multiple parameters are affected, including messageText, data[wall photo], data[userShareVideo], and data[userShareLink].

Recommendations

For mooSocial version 3.1.8, consider disabling the post function until a patch is available, to prevent external service interaction. Restrict access to the parameters messageText, data[wall photo], data[userShareVideo], and data[userShareLink] to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Related Identifiers

CVE-2023-43323

Affected Products

Moosocial