CVE-2019-11564

NONE EPSS 83.6%
Published May 8, 20197y ago · Modified Jun 17, 20262w ago
Find Similar
Published May 8, 2019 7y ago
Last Modified Jun 17, 2026 2w ago

Description

A cross-site scripting (XSS) vulnerability in HumHub 1.3.12 allows remote attackers to inject arbitrary web script or HTML via a /protected/vendor/codeception/codeception/tests/data/app/view/index.php POST request.

Threat Intelligence

EPSS Exploit Probability
83.6% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 1

VendorProductVersionRange
humhubhumhub1.3.12any

References 2

  • humhub.org https://humhub.org/en/news
    Release NotesVendor Advisory
  • exploit-db.com https://www.exploit-db.com/exploits/46771/
    ExploitThird Party AdvisoryVDB Entry

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.