Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper access control in humhub
Vulnerability Description
HumHub is an Open Source Enterprise Social Network. In affected versions users who are forced to change their password by an administrator may retrieve other users' data. This issue has been resolved by commit `eb83de20`. It is recommended that the HumHub is upgraded to 1.11.0, 1.10.4 or 1.9.4. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
HumHub 安全漏洞
Vulnerability Description
Humhub是一套基于Yii PHP框架编写的开源社交网络软件。 HumHub 存在安全漏洞,该漏洞源于管理员强制更改密码的用户可能会检索其他用户的数据。
CVSS Information
N/A
Vulnerability Type
N/A