CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

OSV•added 2025/09/09 9:15 p.m.•1 views

CVE-2025-44595

Halo v2.20.17 and before is vulnerable to Cross Site Scripting XSS in /halohost/archives/name...

6.1CVSS6.3AI score

Exploits0References1

CVE•added 2025/09/09 12:0 a.m.•14 views

CVE-2025-44595

Halo v2.20.17 and earlier is vulnerable to Cross-Site Scripting (XSS) through the /halo_host/archives/{name} endpoint. The issue affects the handling of the name parameter and can allow script injection. Multiple sources confirm the affected versions are prior to v2.20.17, with a suggested remedi...

6.1CVSS5.7AI score0.00043EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/09/09 12:0 a.m.•1 views

CVE-2025-44595

Halo v2.20.17 and before is vulnerable to Cross Site Scripting XSS in /halohost/archives/name...

5.6AI score0.00043EPSS

Exploits0References1

Cvelist•added 2025/09/09 12:0 a.m.•4 views

CVE-2025-44595

Halo v2.20.17 and before is vulnerable to Cross Site Scripting XSS in /halohost/archives/name...

0.00043EPSS

Exploits0References1

Positive Technologies•added 2025/09/09 12:0 a.m.•2 views

PT-2025-36959

Name of the Vulnerable Software and Affected Versions: Halo versions prior to v2.20.17 Description: Halo is susceptible to a Cross Site Scripting XSS issue in the /halo host/archives/name API endpoint. The vulnerability resides in the handling of the name parameter, allowing for potential script...

6.1CVSS5.8AI score0.00043EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by