Vulnerabilities

CVE-2026-29048 - HumHub: XSS in Button component

2026-03-06 0 views admin
CVE-2026-29048 - HumHub: XSS in Button component

CVE ID : CVE-2026-29048 Published : March 6, 2026, 7:16 a.m. | 43 minutes ago Description : HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the context of the user's browser. This issue has been patched in version 1.18.1. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Severity
MEDIUM
Published
March 6, 2026
Attack Vector: Network

🏷️ Tags

29048humhubbuttoncomponentpublishedminutesdescriptionsourcecvexss

More from Vulnerabilities

CVE-2018-25179 - Gumbo CMS 0.99 SQL Injection via settings endpoint

CVE-2018-25179 - Gumbo CMS 0.99 SQL Injection via settings endpoint

2026-03-06 0
CVE-2018-25178 - Easyndexer 1.0 Arbitrary File Download via showtif.php

CVE-2018-25178 - Easyndexer 1.0 Arbitrary File Download via showtif.php

2026-03-06 0
CVE-2018-25180 - Maitra 1.7.2 SQL Injection and Database File Download

CVE-2018-25180 - Maitra 1.7.2 SQL Injection and Database File Download

2026-03-06 0
CVE-2018-25181 - Musicco 2.0.0 Arbitrary Directory Download via Path Traversal

CVE-2018-25181 - Musicco 2.0.0 Arbitrary Directory Download via Path Traversal

2026-03-06 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views