CVE-2019-9094
CVE-2019-9094 describes a reflected XSS in Humhub 1.3.10 Community Edition. Affected component: /s/adada/cfiles/upload; attacker-supplied input in the filename is echoed back in JavaScript code, enabling XSS. Documented in multiple sources (NVD, RH Red Hat advisory, CNVD, OSV, etc.). Exploitation...