CVE-2019-16890 Posted on 2019년 9월 26일2019년 9월 26일 by admin CVE-2019-16890 Halo 1.1.0 has XSS via a crafted authorUrl in JSON data to api/content/posts/comments. Source: CVE-2019-16890