CVE-2019-16890 admin 6년 ago CVE-2019-16890 Halo 1.1.0 has XSS via a crafted authorUrl in JSON data to api/content/posts/comments. Source: CVE-2019-16890