ruibaby/halo

ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java.

ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java.