PT-2026-60931 · Halo Dev · Halo
CVSS v2.0
5.8
Medium
| Vector | AV:N/AC:L/Au:M/C:P/I:P/A:P |
A vulnerability was detected in halo-dev halo up to 2.24.2. Affected by this vulnerability is the function Download of the file MigrationEndpoint.java of the component Files Backup Endpoint. Performing a manipulation results in path traversal. The attack is possible to be carried out remotely. The exploit is now public and may be used.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Halo