Description

Files is a module for managing files inside spaces and user profiles. Prior to versions 0.16.11 and 0.17.2, insufficient authorization checks allow non-member users to create new folders, up- and download files as a ZIP archive in public spaces. Private spaces are not affected. This issue has been patched in versions 0.16.11 and 0.17.2.

INFO

Published Date :

2025-11-25T23:38:49.198Z

Last Modified :

2025-11-26T16:13:16.288Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-65963 vulnerability.

Vendors Products
Humhub
  • Files
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-65963.

URL Resource
https://github.com/humhub/cfiles/commit/75698f8e8f360cea470f0e9f264015b697ab4c09 cve-icon cve-icon
https://github.com/humhub/cfiles/security/advisories/GHSA-rv2x-7qwp-2hf4 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact