7.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.1%
Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it.
github.com/halo-dev/halo/issues/420