Browse all 3 CVE security advisories affecting hammadh. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Hammadh primarily serves as a web application framework used for building dynamic content management systems. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues due to insufficient input validation and access control mechanisms. The three CVEs recorded for this component highlight consistent patterns of insecure deserialization and improper neutralization of input during web page generation. While no major public security incidents have been documented, the recurring nature of these vulnerabilities suggests developers should implement strict input sanitization and principle of least privilege access controls when deploying applications utilizing this framework.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-0827 | Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio <= 3.6.4 - Cross-Site Request Forgery — Play.ht – Make Your Blog Posts Accessible With Text to Speech AudioCWE-352 | 4.3 | Medium | 2024-03-13 |
| CVE-2024-1772 | Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio <= 3.6.4 - Authenticated (Contributor+) PHP Object Injection — Play.ht – Make Your Blog Posts Accessible With Text to Speech AudioCWE-502 | 8.8 | High | 2024-03-13 |
| CVE-2024-0828 | Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio <= 3.6.4 - Missing Authorization — Play.ht – Make Your Blog Posts Accessible With Text to Speech AudioCWE-862 | 5.4 | Medium | 2024-03-13 |
This page lists every published CVE security advisory associated with hammadh. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.