Submit #853064: halo <=2.24.2 Arbitrary File Write(AFW)info

Titelhalo <=2.24.2 Arbitrary File Write(AFW)
Beschreibunghttps://github.com/halo-dev/halo I first reported this vulnerability privately via email approximately 30 days ago. As the project author has not responded, I am now proceeding with public disclosure via this GitHub Issue and would like to request a CVE ID for this vulnerability. The detailed vulnerability information has been submitted to this project's Issues. Please review it at the following link: https://github.com/halo-dev/halo/issues/10062
Quelle⚠️ https://github.com/halo-dev/halo/issues/10062
Benutzer
 rekczh (UID 98239)
Einreichung09.06.2026 16:09 (vor 1 Monat)
Moderieren09.07.2026 20:20 (1 month later)
StatusAkzeptiert
VulDB Eintrag377265 [halo-dev halo bis 2.24.2 Theme Installation ThemeUtils.java ThemeUtils.unzipThemeTo metadata.name Directory Traversal]
Punkte20

Do you want to use VulDB in your project?

Use the official API to access entries easily!