CVE-2025-64442

CVSS v4.0

7.1

High

Vector

AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions HumHub versions prior to 1.17.4

Description HumHub, an Open Source Enterprise Social Network, contains a cross-site scripting (XSS) issue within the Meta-Search feature. This flaw allows for the execution of malicious input in search previews.

Recommendations Update to version 1.17.4 or later.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-64442

GHSA-2HGP-33J2-93CC

Affected Products

Humhub

CVE-2025-64442

Weakness Enumeration

Related Identifiers

Affected Products

References · 10