CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-11564

A cross-site scripting (XSS) vulnerability in HumHub 1.3.12 allows remote attackers to inject arbitrary web script or HTML via a /protected/vendor/codeception/codeception/tests/data/app/view/index.php POST request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 83.0%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://humhub.org/en/news
https://www.exploit-db.com/exploits/46771/
https://humhub.org/en/news
https://www.exploit-db.com/exploits/46771/

Products affected by CVE-2019-11564

Humhub » Humhub » Version: 1.3.12

cpe:2.3:a:humhub:humhub:1.3.12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-11564

Products

Pricing

Contact Us