Medium severity5.4NVD Advisory· Published Jun 5, 2016· Updated Jun 17, 2026
CVE-2016-1229
CVE-2016-1229
Description
Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:humhub:humhub:0.20.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:humhub:humhub:0.20.0:*:*:*:*:*:*:*
- cpe:2.3:a:humhub:humhub:0.20.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:humhub:humhub:0.20.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:humhub:humhub:0.20.1:*:*:*:*:*:*:*
- cpe:2.3:a:humhub:humhub:1.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:humhub:humhub:1.0.0:beta2:*:*:*:*:*:*
- (no CPE)range: >= 0.20.0-beta.1 <= 0.20.1 || >= 1.0.0-beta < 1.0.0-beta.3
Patches
Vulnerability mechanics
References
3- github.com/humhub/humhub/releases/tag/v1.0.0-beta.3nvdPatch
- jvn.jp/en/jp/JVN56167268/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2016-000068nvdVendor Advisory
News mentions
0No linked articles in our index yet.