Vulnerabilities > Fit2Cloud > Halo
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-22 | CVE-2022-28074 | Cross-site Scripting vulnerability in Fit2Cloud Halo 1.5.0 Halo-1.5.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via \admin\index.html#/system/tools. | 3.5 |
| 2022-01-13 | CVE-2022-22123 | Cross-site Scripting vulnerability in Fit2Cloud Halo In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article title. | 3.5 |
| 2022-01-13 | CVE-2022-22124 | Cross-site Scripting vulnerability in Fit2Cloud Halo In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the profile image. | 3.5 |