Medium severity5.4NVD Advisory· Published Jun 5, 2016· Updated May 6, 2026
CVE-2016-1229
CVE-2016-1229
Description
Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Affected products
6cpe:2.3:a:humhub:humhub:0.20.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:humhub:humhub:0.20.0:*:*:*:*:*:*:*
- cpe:2.3:a:humhub:humhub:0.20.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:humhub:humhub:0.20.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:humhub:humhub:0.20.1:*:*:*:*:*:*:*
- cpe:2.3:a:humhub:humhub:1.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:humhub:humhub:1.0.0:beta2:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- github.com/humhub/humhub/releases/tag/v1.0.0-beta.3nvdPatch
- jvn.jp/en/jp/JVN56167268/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2016-000068nvdVendor Advisory
News mentions
0No linked articles in our index yet.