CVE-2017-20028

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-20028
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-20028.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-20028
Published
2022-06-09T23:15:08.467Z
Modified
2026-04-10T03:59:04.763836Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability was found in HumHub 0.20.1/1.0.0-beta.3. It has been classified as critical. This affects an unknown part. The manipulation leads to privilege escalation. It is possible to initiate the attack remotely. Upgrading to version 1.0.0 is able to address this issue. It is recommended to upgrade the affected component.

References

Affected packages

Git / github.com/humhub/humhub

Affected ranges

Type
GIT
Repo
https://github.com/humhub/humhub
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6ab6c0a923800ead877d5f222a51f5f4236d889a
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.20.1"
        }
    ]
}

Affected versions

v0.*
v0.11.0
v0.11.1
v0.11.2
v0.20.0
v0.20.0-beta.1
v0.20.1
v0.9.0
v0.9.0-rc.1
v0.9.0-rc.2

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.0.0-beta3"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-20028.json"