- Description
- HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:humhub:humhub:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "900F1776-7E44-465E-8814-4BED5391880C",
"versionEndExcluding": "1.9.3"
},
{
"criteria": "cpe:2.3:a:humhub:humhub:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F81E6636-F68D-4210-8BCC-EF5863FC9682",
"versionEndExcluding": "1.10.3",
"versionStartIncluding": "1.10.0"
}
],
"operator": "OR"
}
]
}
]