Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21526 | 1 Halo | 1 Halo | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it. | |||||
| CVE-2020-19007 | 1 Halo | 1 Halo | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| Halo blog 1.2.0 allows users to submit comments on blog posts via /api/content/posts/comments. The javascript code supplied by the attacker will then execute in the victim user's browser. | |||||
| CVE-2019-16890 | 1 Halo | 1 Halo | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| Halo 1.1.0 has XSS via a crafted authorUrl in JSON data to api/content/posts/comments. | |||||
| CVE-2019-19999 | 1 Halo | 1 Halo | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration. | |||||
| CVE-2018-11011 | 1 Halo | 1 Halo | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java. | |||||
| CVE-2018-11012 | 1 Halo | 1 Halo | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java. | |||||