HumHub is a set of open source social networking software written on the Yii PHP framework. HumHub suffers from a cross-site scripting vulnerability that stems from a componentβs lack of data filtering and escaping, which can be exploited by attackers to cause cross-site scripting.