CVE-2023-40173

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-40173
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-40173.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-40173
Related
  • GHSA-rfmv-7m7g-v628
Published
2023-08-18T22:15:11Z
Modified
2025-01-08T15:10:11.688539Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this issue.

References

Affected packages

Git / github.com/fobybus/social-media-skeleton

Affected ranges

Type
GIT
Repo
https://github.com/fobybus/social-media-skeleton
Events

Affected versions

1.*

1.0.3
1.0.4

v1.*

v1.0.1
v1.0.2