Reflected Cross Site Scripting Vulnerability in Humhub Community Edition
CVE-2019-9094
6.1MEDIUM
What is CVE-2019-9094?
A reflected cross site scripting vulnerability exists in Humhub Community Edition 1.3.10. This issue arises from inadequately sanitized user input, particularly in filenames submitted during file uploads. When malicious JavaScript code is included in the filename, it can be executed in the browser when the input is reflected back. This flaw poses a significant risk as it allows attackers to inject and execute harmful scripts, potentially compromising user accounts and sensitive data.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved