CVE-2019-11564
NONE EPSS 83.6%
Published May 8, 20197y ago · Modified Jun 17, 20262w ago
Published May 8, 2019 7y ago
Last Modified Jun 17, 2026 2w ago
Description
A cross-site scripting (XSS) vulnerability in HumHub 1.3.12 allows remote attackers to inject arbitrary web script or HTML via a /protected/vendor/codeception/codeception/tests/data/app/view/index.php POST request.
Threat Intelligence
EPSS Exploit Probability
83.6% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| humhub | humhub | 1.3.12 | any |
References 2
- humhub.org https://humhub.org/en/news
- exploit-db.com https://www.exploit-db.com/exploits/46771/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.