CVE-2026-29052

Medium CVSS: 6.9

The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting (XSS) vulnerability in the Event Types of the HumHub Calendar module impacts users viewing events created by an administrative account. This issue has been patched in version 1.8.11.

Vendor

Humhub

Product

Calendar

CWE

CWE-79

Yayın Tarihi

2026-03-05 06:16:50

Güncelleme

2026-03-09 18:40:51

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-79 Calendar MEDIUM Humhub 2026

Referanslar

https://github.com/humhub/calendar/releases/tag/v1.8.11 https://github.com/humhub/calendar/security/advisories/GHSA-gqj3-pmp2-mrx8

Benzer Kayıtlar

Medium

CVE-2026-29048

HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identifi…

High

CVE-2025-64442

HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search fe…

Medium

CVE-2025-54789

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, the File Move functi…

Critical

CVE-2025-54790

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, Files does not have…