Title: HumHub Modules Mail v0.5.8 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2014/10/31 Download: https://github.com/humhub/humhub-modules-mail Contacted authors: 2014/10/15 ---------------------------------------------------------- Description: "Private messaging system to communicate with one or more users." HumHub Mail Module v0.5.8 is vulnerable to an XSS attack. Vulnerable file: /views/mail/index.php Example of vulnerable code: selectEntry(); This is vulnerable because the GET parameter 'id' is not getting sanitized PoC: If a logged in user clicks the following link, the injected javascript is executed: humhub.example/index.php?r=mail/mail/index&id=function%28%29{%20alert%28document.cookie%29;%20return%201;%20}%28%29 ## Solution Update to version 0.5.9.