Unauthorized Access to Private Spaces in HumHub

Unauthorized Access to Private Spaces in HumHub

CVE-2021-43847 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue.

Learn more about our Network Penetration Testing.