172 matches found
CVE-2026-29048
HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...
CVE-2026-29052
The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting XSS vulnerability in the Event Types of the HumHub Calendar module impacts users...
CVE-2026-29048
HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...
EUVD-2026-10014
HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...
CVE-2026-29048
HumHub (Open Source Enterprise Social Network) vulnerability CVE-2026-29048 affects HumHub 1.18.0 in the Button component, where inconsistent output encoding allows cross-site scripting. The CVSS 4.0 vector yields a base score of 6.9 (Medium) with network attack vector, low attack complexity, and...
CVE-2026-29048 HumHub: XSS in Button component
HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...
CVE-2026-29048 HumHub: XSS in Button component
HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...
CVE-2026-29048 HumHub: XSS in Button component
HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...
CVE-2026-29048
HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...
HumHub 跨站脚本漏洞
HumHub is an open-source social networking software developed using the Yii PHP framework. Version HumHub 1.18.0 contains a cross-site scripting vulnerability. This vulnerability stems from inconsistent output encoding in the Button component, which may allow malicious scripts to be injected and...
PT-2026-23656
Name of the Vulnerable Software and Affected Versions HumHub version 1.18.0 Description HumHub is an Open Source Enterprise Social Network. A cross-site scripting issue exists in the Button component due to inconsistent output encoding. This allows for the injection and execution of malicious...
CVE-2026-29052
The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting XSS vulnerability in the Event Types of the HumHub Calendar module impacts users...
CVE-2026-29052 HumHub Calendar Module: Stored XSS in Event Types
The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting XSS vulnerability in the Event Types of the HumHub Calendar module impacts users...
CVE-2026-29052
The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting XSS vulnerability in the Event Types of the HumHub Calendar module impacts users...
CVE-2026-29052
HumHub Calendar module (HumHub) contains a Stored XSS in Event Types affecting versions prior to 1.8.11. The vulnerability can be triggered when viewing events created by an administrative account; no user interaction is required and attack vector is network. The issue is fixed in version 1.8.11....
CVE-2026-29052 HumHub Calendar Module: Stored XSS in Event Types
The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting XSS vulnerability in the Event Types of the HumHub Calendar module impacts users...
CVE-2026-29052 HumHub Calendar Module: Stored XSS in Event Types
The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting XSS vulnerability in the Event Types of the HumHub Calendar module impacts users...
EUVD-2026-9787
The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting XSS vulnerability in the Event Types of the HumHub Calendar module impacts users...
Calendar 跨站脚本漏洞
Calendar is an event management module developed by HumHub, offering a comprehensive solution for events within companies or organizations. Versions of Calendar prior to 1.8.11 contained a cross-site scripting vulnerability. This vulnerability stemmed from the existence of storage-type cross-site...
PT-2026-23407
Name of the Vulnerable Software and Affected Versions HumHub Calendar module versions prior to 1.8.11 Description The Calendar module for HumHub allows users to create and manage events. A stored cross-site scripting XSS issue exists in the Event Types functionality of the Calendar module for...