Luoliu

**Name of the Vulnerable Software and Affected Versions** Halo versions prior to 2.19.0 **Description** A security issue has been identified in the Halo project, allowing an attacker to execute malicious scripts in the user's browser through specific HTML and JavaScript code, potentially leading to a Cross-Site Scripting (XSS) attack. **Recommendations** For versions prior to 2.19.0, update to version 2.19.0 to resolve the issue. As a temporary workaround, consider restricting the use of HTML and JavaScript code in the Halo project until the update is applied.