Mend Vulnerability Database
Date: January 13, 2022
PoC Details
Log in to the application.
Choose “essay”, then “write an article”. In the article’s title enter the below payload.
Now click “Preview”. An alert will pop out.
<script>alert("XSS in Article's title")</script>
Affected Environments
Halo versions v1.0.0 through v1.4.17 (latest)
Prevention
No fix is provided
Good to know:
No fix version available
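With no fixed version available, the usual mitigation for this class of bug is to HTML-encode the article title wherever the preview writes it into the page. The sketch below is an added example, not Halo's code: the preview template and all function names are hypothetical, and it contrasts the unencoded rendering with the encoded one using the payload from the PoC.

```javascript
// Added example: hypothetical preview renderer, not Halo's actual code.
// POC_TITLE is the payload quoted in the PoC steps above.
const POC_TITLE = `<script>alert("XSS in Article's title")</script>`;

// Characters that can break out of HTML text or quoted-attribute context.
const HTML_ENTITIES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode untrusted text for HTML element content and quoted attributes.
// A single pass over the input avoids double-encoding the "&" of an entity.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Vulnerable pattern: the title is concatenated into markup as-is, so a
// <script> element in the title becomes part of the rendered page.
function renderPreviewUnsafe(title) {
  return `<article><h1>${title}</h1></article>`;
}

// Hardened pattern: the title is encoded at the point of output, both in
// the heading text and in the quoted attribute that repeats it.
function renderPreviewSafe(title) {
  const encoded = escapeHtml(title);
  return `<article data-title="${encoded}"><h1>${encoded}</h1></article>`;
}

// Regression check: true if the markup contains any tag other than the
// two the (hypothetical) template itself emits.
function containsUnexpectedTag(html) {
  const tags = html.match(/<\/?[a-zA-Z][a-zA-Z0-9]*/g) || [];
  return tags.some((tag) => !/^<\/?(article|h1)$/i.test(tag));
}

console.log(renderPreviewSafe(POC_TITLE));
```

Running `containsUnexpectedTag` over rendered previews in a test suite catches a template that starts emitting the title unencoded again.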
|Attack Vector (AV):|Network|
|Attack Complexity (AC):|Low|
|Privileges Required (PR):|Low|
|User Interaction (UI):|Required|
|Access Vector (AV):|Network|
|Access Complexity (AC):|Medium|