CVE-2024-43793

Published
View on NVD ↗
CVSS v3
6.3
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.19.0 of the Halo project. This vulnerability allows an attacker to execute malicious scripts in the user's browser through specific HTML and JavaScript code, potentially leading to a Cross-Site Scripting (XSS) attack. This vulnerability is fixed in 2.19.0.

halo-dev/halo
halo-dev/halo
Halo 是一款强大易用的开源建站工具,从个人博客、知识库,到企业官网、在线商城,Halo 都能助您轻松实现,一站式满足您的多样化建站需求。
GitHubGitHub
39.1K