CVE-2019-12743

NONE EPSS 71.1%
Published Jul 29, 20196y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jul 29, 2019 6y ago
Last Modified Jun 17, 2026 2w ago

Description

HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits (including self-hosted ones) by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure.

Threat Intelligence

EPSS Exploit Probability
71.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-203

Affected Products 1

VendorProductVersionRange
humhubsocial_network_kit1.3.13any

References 2

  • github.com https://github.com/chanpu9/CVE/blob/master/2019-12743
    Third Party Advisory
  • humhub.org https://humhub.org/en/news
    ProductRelease Notes

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.