CVE-2019-9094
6.1
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD
Description
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in /s/adada/cfiles/upload in Humhub 1.3.10 Community Edition. The user-supplied input containing JavaScript in the filename is echoed back in JavaScript code, which resulted in XSS.
Affected (1)
References (2)
Source: cve@mitre.org
Release NotesThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesThird Party Advisory
Timeline
No history available yet.