Headline
CVE-2023-27164: GitHub - halo-dev/halo: 强大易用的开源建站工具。
An arbitrary file upload vulnerability in Halo up to v1.6.1 allows attackers to execute arbitrary code via a crafted .md file.
main
Switch branches/tags
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
10 branches 110 tags
Code
Clone
Use Git or checkout with SVN using the web URL.
Open with GitHub Desktop
Download ZIP
Latest commit
Git stats
- 4,099 commits
FilesPermalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github
config/checkstyle
console
docs
gradle/wrapper
hack
src
.editorconfig
.gitattributes
.gitignore
CODE_OF_CONDUCT.md
CONTRIBUTING.md
Dockerfile
LICENSE
OWNERS
README.md
SECURITY.md
build.gradle
gradle.properties
gradlew
gradlew.bat
settings.gradle
快速开始 在线体验 生态 许可证 贡献 状态
README.md
Halo [ˈheɪloʊ],强大易用的开源建站工具。
官网 文档 社区 Gitee Telegram 频道
快速开始
docker run \ -it -d \ –name halo \ -p 8090:8090 \ -v ~/.halo2:/root/.halo2 \ halohub/halo:2.2 \ –halo.external-url=http://localhost:8090/ \ –halo.security.initializer.superadminusername=admin \ –halo.security.initializer.superadminpassword=P@88w0rd
以上仅作为体验使用,详细部署文档请查阅:https://docs.halo.run/getting-started/install/docker-compose
在线体验
- 环境地址:https://demo.halo.run
- 后台地址:https://demo.halo.run/console
- 用户名:demo
- 密码:P@ssw0rd123…
生态
可访问 awesome-halo 查看已经适用于 Halo 2.0 的主题和插件,以及适用于 Halo 1.x 的相关仓库。
许可证
Halo 使用 GPL-v3.0 协议开源,请遵守开源协议。
贡献
参考 CONTRIBUTING。
状态