Vulnerabilities > Humhub > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-06 | CVE-2024-52043 | Information Exposure Through an Error Message vulnerability in Humhub Generation of Error Message Containing Sensitive Information in HumHub GmbH & Co. | 5.3 |
| 2022-06-09 | CVE-2017-20026 | Cross-site Scripting vulnerability in Humhub A vulnerability has been found in HumHub up to 1.0.1 and classified as problematic. | 4.3 |
| 2022-06-09 | CVE-2017-20027 | Cross-site Scripting vulnerability in Humhub A vulnerability was found in HumHub up to 1.0.1 and classified as problematic. | 4.3 |
| 2022-04-20 | CVE-2022-24865 | Incorrect Authorization vulnerability in Humhub HumHub is an Open Source Enterprise Social Network. | 4.0 |
| 2021-12-20 | CVE-2021-43847 | Missing Authorization vulnerability in Humhub HumHub is an open-source social network kit written in PHP. | 4.0 |
| 2019-07-29 | CVE-2019-12743 | Information Exposure vulnerability in Humhub Social Network KIT 1.3.13 HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits (including self-hosted ones) by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure. | 5.0 |
| 2019-05-08 | CVE-2019-11564 | Cross-site Scripting vulnerability in Humhub 1.3.12 A cross-site scripting (XSS) vulnerability in HumHub 1.3.12 allows remote attackers to inject arbitrary web script or HTML via a /protected/vendor/codeception/codeception/tests/data/app/view/index.php POST request. | 4.3 |
| 2019-03-21 | CVE-2019-9094 | Cross-site Scripting vulnerability in Humhub 1.3.10 A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in /s/adada/cfiles/upload in Humhub 1.3.10 Community Edition. | 4.3 |
| 2019-03-21 | CVE-2019-9093 | Cross-site Scripting vulnerability in Humhub 1.3.10 A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in file/file/upload in Humhub 1.3.10 Community Edition. | 4.3 |