Lucene search
China National Vulnerability DatabaseCNVD-2022-08379HistoryJan 17, 2022 - 12:00 a.m.
Halo Cross-Site Scripting Vulnerability (CNVD-2022-08379)
2022-01-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
26.4%
Halo is a personal blogging system for individual developers. Halo has a cross-site scripting vulnerability that originates in Halo, v1.0.0 to v1.4.17 (latest) versions are vulnerable to cross-site scripting (XSS) attacks stored in article headers, which can be exploited by attackers to inject arbitrary javascript code that will be executed on the victim’s server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Halo Halo >=1.0.0, | le | 1.4.17 |
Related
prion
prion
Cross site scripting
2022-01-13 17:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-22123
2022-01-13 17:15:07
osv
osv
CVE-2022-22123
2022-01-13 17:15:07
cve
cve
CVE-2022-22123
2022-01-13 17:15:07