Kingz40O

Name of the Vulnerable Software and Affected Versions: Halo version 0.4.3 Description: The issue allows a malicious user to bypass encryption and view encrypted articles via cookies, due to an Incorrect Access Control vulnerability. Recommendations: For Halo version 0.4.3, update to a version that addresses the Incorrect Access Control issue to prevent unauthorized access to encrypted articles.

Name of the Vulnerable Software and Affected Versions: Halo version 0.4.3 Description: A File Deletion issue exists via the delBackup function. Recommendations: For Halo version 0.4.3, consider restricting access to the delBackup function as a temporary workaround until a patch is available.