HowieHz/CVE-2025-70886

HowieHz/CVE-2025-70886

GitHubGitHub
GitHubgithub.com
Releases0
A Proof of Concept (PoC) exploit for CVE-2025-70886, a persistent denial-of-service vulnerability in Halo CMS (v2.22.4 and earlier) that allows remote attackers to crash the admin comment interface by submitting malformed payloads.
Log in to subscribe

CVE History

CVEPublishedCVSS v3CVSS v2
CVE-2025-70886
7.5 HIGH

An issue in halo v.2.22.4 and before allows a remote attacker to cause a denial of service via a crafted payload to the public comment submission endpoint