VYPR
Unrated severityNVD Advisory· Published Aug 26, 2020· Updated Aug 4, 2024

CVE-2020-19007

CVE-2020-19007

Description

Halo blog 1.2.0 allows users to submit comments on blog posts via /api/content/posts/comments. The javascript code supplied by the attacker will then execute in the victim user's browser.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.