XSS Vulnerability in HumHub's Meta-Search Feature
CVE-2025-64442
7.1HIGH
What is CVE-2025-64442?
In HumHub, an Open Source Enterprise Social Network, there exists a Cross-Site Scripting (XSS) vulnerability in the Meta-Search feature. This vulnerability affects all versions prior to 1.17.4, allowing malicious actors to inject and execute harmful scripts through manipulated search previews. Users are advised to upgrade to version 1.17.4 or later to mitigate associated security risks. For detailed information, refer to the official security advisory.
Affected Version(s)
humhub < 1.17.4