Hubs Cloud allows users to download shared content, specifically HTML and JS, which could allow javascript execution in the Hub Cloud instance’s primary hosting domain.*. This vulnerability affects Hubs Cloud < mozillareality/reticulum/1.0.1/20210618012634.
[
{
"product": "Hubs Cloud",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "mozillareality/reticulum/1.0.1/20210618012634",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]