4 matches found
CVE-2018-11011
ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java...
CVE-2018-11012
ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java...
Cross site scripting
ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java...
CVE-2018-11012
ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java...