- EPSS 2.59%
- Veröffentlicht 30.09.2020 18:15:23
- Zuletzt bearbeitet 21.11.2024 05:12:38
A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the ba...
CVE-2020-21522
- EPSS 1.53%
- Veröffentlicht 30.09.2020 18:15:23
- Zuletzt bearbeitet 21.11.2024 05:12:38
An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite some files, such as ftl files, .bashrc files in the user directory, and finally get the permissions of the operating system...
CVE-2020-19007
- EPSS 0.5%
- Veröffentlicht 26.08.2020 14:15:10
- Zuletzt bearbeitet 21.11.2024 05:08:54
Halo blog 1.2.0 allows users to submit comments on blog posts via /api/content/posts/comments. The javascript code supplied by the attacker will then execute in the victim user's browser.
CVE-2019-19999
- EPSS 1.51%
- Veröffentlicht 26.12.2019 04:15:10
- Zuletzt bearbeitet 21.11.2024 04:35:49
Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker configuration.
CVE-2019-16890
- EPSS 0.66%
- Veröffentlicht 25.09.2019 21:15:12
- Zuletzt bearbeitet 21.11.2024 04:31:16
Halo 1.1.0 has XSS via a crafted authorUrl in JSON data to api/content/posts/comments.
CVE-2018-11011
- EPSS 0.63%
- Veröffentlicht 12.05.2018 04:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:29
ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java.
CVE-2018-11012
- EPSS 0.63%
- Veröffentlicht 12.05.2018 04:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:29
ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java.