CVE-2021-43847

Summary

HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue.

Affected Software

VendorProductVersion RangeStatus
humhubhumhub>= 1.10.0, < 1.10.3affected
humhubhumhub< 1.9.3affected

Weaknesses

  • CWE-285: CWE-285: Improper Authorization

ADP Enrichment

CVE Program Container

Additional References

References