Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this issue.
References
Configurations
History
23 Aug 2023, 19:59
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Fobybus
Fobybus social-media-skeleton |
|
CPE | cpe:2.3:a:fobybus:social-media-skeleton:*:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/fobybus/social-media-skeleton/commit/344d798e82d6cc39844962c6d3cb2560f5907848 - Patch | |
References | (MISC) https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-rfmv-7m7g-v628 - Third Party Advisory | |
References | (MISC) https://github.com/fobybus/social-media-skeleton/commit/df31da44ffed3ea065cbbadc3c8052d0d489a2ef - Patch |
18 Aug 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-18 22:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-40173
Mitre link : CVE-2023-40173
CVE.ORG link : CVE-2023-40173
JSON object : View
Products Affected
fobybus
- social-media-skeleton
CWE
CWE-522
Insufficiently Protected Credentials