Back to CVE List

CVE-2026-16088

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
4.7 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Vulnerability Description

A vulnerability was detected in halo-dev halo up to 2.24.2. Affected by this vulnerability is the function Download of the file MigrationEndpoint.java of the component Files Backup Endpoint. Performing a manipulation results in path traversal. The attack is possible to be carried out remotely. The exploit is now public and may be used.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-22
Source
NVD
Vendor
halo-dev
Product
halo

External References

Discussion (0)

Add Comment

No comments yet. Be the first!