Vulnerabilities > Halo > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-07-12 CVE-2020-19038 Missing Authorization vulnerability in Halo 0.4.3
File Deletion vulnerability in Halo 0.4.3 via delBackup.
network
low complexity
halo CWE-862
critical
9.1
2020-09-30 CVE-2020-21523 Injection vulnerability in Halo 1.1.3
A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function.
network
low complexity
halo CWE-74
critical
10.0