CVE-2022-32994 Information

Description

Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the component /api/admin/attachments/upload.

Reference

https://github.com/zongdeiqianxing/cve-reports/issues/1