A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in /s/adada/cfiles/upload in Humhub 1.3.10 Community Edition. The user-supplied input containing JavaScript in the filename is echoed back in JavaScript code, which resulted in XSS.Referenceshttps://github.com/humhub/humhub/blob/master/protected/humhub/docs/CHANGELOG.md
