Overview
- Description
- HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:humhub:humhub:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "900F1776-7E44-465E-8814-4BED5391880C",
"versionEndExcluding": "1.9.3"
},
{
"criteria": "cpe:2.3:a:humhub:humhub:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F81E6636-F68D-4210-8BCC-EF5863FC9682",
"versionEndExcluding": "1.10.3",
"versionStartIncluding": "1.10.0"
}
],
"operator": "OR"
}
]
}
]