Halo
by Halo Dev
Source repositories
CVEs (43)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-40846 | Hig | 0.46 | — | 0.00 | May 8, 2025 | Improper Input Validation, the returnUrl parameter in Account Security Settings lacks proper input validation, allowing attackers to redirect users to malicious websites (Open Redirect) and inject JavaScript code to perform cross site scripting attack. The vulnerability… | ||
| CVE-2026-36759 | Med | 0.42 | 6.5 | 0.00 | Apr 30, 2026 | A Server-Side Request Forgery (SSRF) in the /themes/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request. | ||
| CVE-2025-51857 | Med | 0.40 | 6.1 | 0.00 | Aug 5, 2025 | The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to XSS attacks. | ||
| CVE-2018-11012 | Med | 0.40 | 6.1 | 0.01 | May 12, 2018 | ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java. | ||
| CVE-2018-11011 | Med | 0.40 | 6.1 | 0.01 | May 12, 2018 | ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java. | ||
| CVE-2025-60898 | Med | 0.38 | 5.8 | 0.00 | Oct 29, 2025 | An unauthenticated server-side request forgery (SSRF) vulnerability in the Thumbnail via-uri endpoint of Halo CMS 2.21 allows a remote attacker to cause the server to issue HTTP requests to attacker-controlled URLs, including internal addresses. The endpoint performs a… | ||
| CVE-2026-36756 | Med | 0.35 | 5.4 | 0.00 | Apr 30, 2026 | A Server-Side Request Forgery (SSRF) in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request. | ||
| CVE-2026-36757 | Med | 0.28 | 4.3 | 0.00 | Apr 30, 2026 | A Server-Side Request Forgery (SSRF) in the /plugins/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request. | ||
| CVE-2026-36758 | Med | 0.28 | 4.3 | 0.00 | Apr 30, 2026 | A Server-Side Request Forgery (SSRF) in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request. | ||
| CVE-2025-14117 | Med | 0.28 | 4.3 | 0.00 | Dec 6, 2025 | A vulnerability has been found in fit2cloud Halo 2.21.10. Impacted is an unknown function. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early… | ||
| CVE-2025-15141 | Low | 0.20 | 3.1 | 0.00 | Dec 28, 2025 | A vulnerability was determined in Halo up to 2.21.10. This issue affects some unknown processing of the file /actuator of the component Configuration Handler. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. This attack is… | ||
| CVE-2019-15311 | 0.01 | — | 0.08 | Jul 1, 2020 | An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on the port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to… | |||
| CVE-2025-70886 | 0.00 | — | 0.00 | Feb 12, 2026 | An issue in halo v.2.22.4 and before allows a remote attacker to cause a denial of service via a crafted payload to the public comment submission endpoint | |||
| CVE-2025-44595 | 0.00 | — | 0.00 | Sep 9, 2025 | Halo v2.20.17 and before is vulnerable to Cross Site Scripting (XSS) in /halo_host/archives/{name}. | |||
| CVE-2025-44594 | 0.00 | — | 0.00 | Sep 9, 2025 | halo v2.20.17 and before is vulnerable to server-side request forgery (SSRF) in /apis/uc.api.storage.halo.run/v1alpha1/attachments/-/upload-from-url. | |||
| CVE-2025-44593 | 0.00 | — | 0.00 | Sep 9, 2025 | Halo prior to 2.20.13 allows bypassing file type detection and uploading malicious files such as .exe and .html files. Specifically, .html files can trigger stored XSS vulnerabilities. This vulnerability is fixed in 2.20.13 | |||
| CVE-2024-56156 | 0.00 | — | 0.01 | Apr 25, 2025 | Halo is an open source website building tool. Prior to version 2.20.13, a vulnerability in Halo allows attackers to bypass file type validation controls. This bypass enables the upload of malicious files including executables and HTML files, which can lead to stored cross-site… | |||
| CVE-2024-43793 | 0.00 | — | 0.00 | Sep 11, 2024 | Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.19.0 of the Halo project. This vulnerability allows an attacker to execute malicious scripts in the user's browser through specific HTML and JavaScript code,… | |||
| CVE-2024-43792 | 0.00 | — | 0.00 | Sep 2, 2024 | Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.17.0 of the Halo project. This vulnerability allows an attacker to execute malicious scripts in the user's browser through specific HTML and JavaScript code,… | |||
| CVE-2023-33528 | 0.00 | — | 0.00 | Mar 28, 2024 | halo v1.6.0 is vulnerable to Cross Site Scripting (XSS). |
- risk 0.46cvss —epss 0.00
Improper Input Validation, the returnUrl parameter in Account Security Settings lacks proper input validation, allowing attackers to redirect users to malicious websites (Open Redirect) and inject JavaScript code to perform cross site scripting attack. The vulnerability…
- risk 0.42cvss 6.5epss 0.00
A Server-Side Request Forgery (SSRF) in the /themes/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request.
- risk 0.40cvss 6.1epss 0.00
The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to XSS attacks.
- risk 0.40cvss 6.1epss 0.01
ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java.
- risk 0.40cvss 6.1epss 0.01
ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java.
- risk 0.38cvss 5.8epss 0.00
An unauthenticated server-side request forgery (SSRF) vulnerability in the Thumbnail via-uri endpoint of Halo CMS 2.21 allows a remote attacker to cause the server to issue HTTP requests to attacker-controlled URLs, including internal addresses. The endpoint performs a…
- risk 0.35cvss 5.4epss 0.00
A Server-Side Request Forgery (SSRF) in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request.
- risk 0.28cvss 4.3epss 0.00
A Server-Side Request Forgery (SSRF) in the /plugins/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request.
- risk 0.28cvss 4.3epss 0.00
A Server-Side Request Forgery (SSRF) in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request.
- risk 0.28cvss 4.3epss 0.00
A vulnerability has been found in fit2cloud Halo 2.21.10. Impacted is an unknown function. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early…
- risk 0.20cvss 3.1epss 0.00
A vulnerability was determined in Halo up to 2.21.10. This issue affects some unknown processing of the file /actuator of the component Configuration Handler. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. This attack is…
- CVE-2019-15311Jul 1, 2020risk 0.01cvss —epss 0.08
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on the port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to…
- CVE-2025-70886Feb 12, 2026risk 0.00cvss —epss 0.00
An issue in halo v.2.22.4 and before allows a remote attacker to cause a denial of service via a crafted payload to the public comment submission endpoint
- CVE-2025-44595Sep 9, 2025risk 0.00cvss —epss 0.00
Halo v2.20.17 and before is vulnerable to Cross Site Scripting (XSS) in /halo_host/archives/{name}.
- CVE-2025-44594Sep 9, 2025risk 0.00cvss —epss 0.00
halo v2.20.17 and before is vulnerable to server-side request forgery (SSRF) in /apis/uc.api.storage.halo.run/v1alpha1/attachments/-/upload-from-url.
- CVE-2025-44593Sep 9, 2025risk 0.00cvss —epss 0.00
Halo prior to 2.20.13 allows bypassing file type detection and uploading malicious files such as .exe and .html files. Specifically, .html files can trigger stored XSS vulnerabilities. This vulnerability is fixed in 2.20.13
- CVE-2024-56156Apr 25, 2025risk 0.00cvss —epss 0.01
Halo is an open source website building tool. Prior to version 2.20.13, a vulnerability in Halo allows attackers to bypass file type validation controls. This bypass enables the upload of malicious files including executables and HTML files, which can lead to stored cross-site…
- CVE-2024-43793Sep 11, 2024risk 0.00cvss —epss 0.00
Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.19.0 of the Halo project. This vulnerability allows an attacker to execute malicious scripts in the user's browser through specific HTML and JavaScript code,…
- CVE-2024-43792Sep 2, 2024risk 0.00cvss —epss 0.00
Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.17.0 of the Halo project. This vulnerability allows an attacker to execute malicious scripts in the user's browser through specific HTML and JavaScript code,…
- CVE-2023-33528Mar 28, 2024risk 0.00cvss —epss 0.00
halo v1.6.0 is vulnerable to Cross Site Scripting (XSS).
Page 1 of 3