PT-2025-37992 · Unknown · Humansuite
Batuhan Asan · Published 2025-09-16 · Updated 2025-09-30
CVE-2025-8276
CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
HumanSuite versions prior to 53.21.0
Description
HumanSuite is susceptible to multiple issues including improper encoding or escaping of output, improper neutralization of special elements in output used by a downstream component (injection), improper neutralization of argument delimiters in a command (argument injection), and improper control of generation of code (code injection). These issues allow for input data manipulation, format string injection, reflection injection, and code injection.
Recommendations
Update HumanSuite to version 53.21.0 or later.
Fix
Improper Encoding or Escaping of Output
Argument Injection
Code Injection
Special Elements Injection
XSS
Related Identifiers
Affected Products
Humansuite