4 matches found
CVE-2022-24865
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit eb83de20. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. The...
CVE-2022-24865 Improper access control in humhub
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit eb83de20. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. The...
CVE-2022-24865
CVE-2022-24865 affects HumHub (Open Source Enterprise Social Network) with an improper access control vulnerability allowing a forced-password-change flow to let an attacker retrieve other users’ data. The issue has a fixed commit eb83de20 and remediation guidance recommends upgrading HumHub to 1...
CVE-2022-24865 Improper access control in humhub
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit eb83de20. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. The...