← Back to CVE List

CVE-2022-31133

Published: 2022-07-07T18:15Z
Last Modified: 2024-11-21T07:03Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
HumHub is an Open Source Enterprise Social Network. Affected versions of HumHub are vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. For exploitation, the attacker would need a permission to administer the Spaces feature. The names of individual "spaces" are not properly escaped and so an attacker with sufficient privilege could insert malicious javascript into a space name and exploit system users who visit that space. It is recommended that the HumHub is upgraded to 1.11.4, 1.10.5. There are no known workarounds for this issue. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt