8 matches found
EUVD-2025-23648
Malicious code in bioql PyPI...
CVE-2025-51857
The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to XSS attacks...
CVE-2025-51857
The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to XSS attacks...
CVE-2025-51857
The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to XSS attacks...
CVE-2025-51857
The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to XSS attacks...
CVE-2025-51857
The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to XSS attacks...
CVE-2025-51857
The CVE-2025-51857 entry concerns Halo (AttachmentReconciler, reconcile method) with cross-site scripting (XSS) vulnerability in Halo v2.20.18LTS and earlier. Affected component is the AttachmentReconciler class’s reconcile method; the root cause is XSS exposure in this flow. Impact details in av...
Halo 跨站脚本漏洞
Halo is a personal blogging system for individual developers. Halo suffers from a cross-site scripting vulnerability that stems from a cross-site scripting XSS vulnerability via the X-forwarded-for Header parameter in Halo 0.4.3. An attacker could exploit the vulnerability to execute client-side...