CVE-2016-1229
NONE EPSS 62.4%
Published Jun 5, 201610y ago · Modified Jun 17, 20262w ago
Published Jun 5, 2016 10y ago
Last Modified Jun 17, 2026 2w ago
Description
Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Threat Intelligence
EPSS Exploit Probability
62.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 6
References 3
- jvn.jp http://jvn.jp/en/jp/JVN56167268/index.html
- jvndb.jvn.jp http://jvndb.jvn.jp/jvndb/JVNDB-2016-000068
- github.com https://github.com/humhub/humhub/releases/tag/v1.0.0-beta.3
Remediation
- github.com https://github.com/humhub/humhub/releases/tag/v1.0.0-beta.3