Halo · Halo · CVE-2025-51857
**Name of the Vulnerable Software and Affected Versions**
Halo versions prior to 2.20.18LTS
**Description**
The `reconcile` method within the `AttachmentReconciler` class is susceptible to Cross-Site Scripting (XSS) attacks.
**Recommendations**
Update to a version of Halo later than 2.20.18LTS.