CVE-2025-70886

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
2
PROJECTS

Description

An issue in halo v.2.22.4 and before allows a remote attacker to cause a denial of service via a crafted payload to the public comment submission endpoint

halo-dev/halo
halo-dev/halo
Halo 是一款强大易用的开源建站工具,从个人博客、知识库,到企业官网、在线商城,Halo 都能助您轻松实现,一站式满足您的多样化建站需求。
GitHubGitHub
39K
HowieHz/CVE-2025-70886
HowieHz/CVE-2025-70886
A Proof of Concept (PoC) exploit for CVE-2025-70886, a persistent denial-of-service vulnerability in Halo CMS (v2.22.4 and earlier) that allows remote attackers to crash the admin comment interface by submitting malformed payloads.
GitHubGitHub