CVE-2022-32994

CVE-2022-32994

Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the component /api/admin/attachments/upload.

Source: CVE-2022-32994