CVE-2020-21527

Published September 30th, 2020

View on NVD ↗

CVSS v3

7.7

HIGH

CVSS v2

8.5

HIGH

Affected

PROJECT

Description

There is an Arbitrary file deletion vulnerability in halo v1.1.3. A backup function in the background allows a user, when deleting their backup files, to delete any files on the system through directory traversal.

halo-dev/halo

Halo 是一款强大易用的开源建站工具，从个人博客、知识库，到企业官网、在线商城，Halo 都能助您轻松实现，一站式满足您的多样化建站需求。

GitHub

39.1K