RSS   Vulnerabilities for 'HALO'   RSS

2018-05-12
 
CVE-2018-11012

CWE-79
 

 
ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java.

 
 
CVE-2018-11011

CWE-79
 

 
ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java.

 


Copyright 2018, cxsecurity.com

 

Back to Top