Description
ruibaby Halo 0.0.2 has a stored XSS vulnerability via the commentAuthor field in FrontCommentController.java.
Remediation
References
https://github.com/ruibaby/halo/issues/9