CVE-2019-12743
NONE EPSS 71.1%
Published Jul 29, 20196y ago · Modified Jun 17, 20262w ago
Published Jul 29, 2019 6y ago
Last Modified Jun 17, 2026 2w ago
Description
HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits (including self-hosted ones) by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure.
Threat Intelligence
EPSS Exploit Probability
71.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-203
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| humhub | social_network_kit | 1.3.13 | any |
References 2
- github.com https://github.com/chanpu9/CVE/blob/master/2019-12743
- humhub.org https://humhub.org/en/news
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.