3 matches found
CVE-2022-31133 Cross site scripting in HumHub
HumHub is an Open Source Enterprise Social Network. Affected versions of HumHub are vulnerable to a stored Cross-Site Scripting XSS vulnerability. For exploitation, the attacker would need a permission to administer the Spaces feature. The names of individual "spaces" are not properly escaped and...
CVE-2022-31133 Cross site scripting in HumHub
HumHub is an Open Source Enterprise Social Network. Affected versions of HumHub are vulnerable to a stored Cross-Site Scripting XSS vulnerability. For exploitation, the attacker would need a permission to administer the Spaces feature. The names of individual "spaces" are not properly escaped and...
CVE-2022-31133
HumHub (open source social network) contains a stored XSS in space names when a user with Spaces admin privileges creates or visits a space with an unescaped name. The vulnerability arises because space names are not properly escaped, enabling malicious JavaScript injection that could affect visi...