CVE-2020-21522
Halo 1.1.3 is affected by a Zip Slip Directory Traversal vulnerability (CVE-2020-21522) that can let an attacker overwrite files in a user directory (e.g., ftl files, .bashrc) and potentially gain operating system permissions. Affected component is the backend of Halo; root cause is directory tra...