Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function.Referenceshttps://github.com/zongdeiqianxing/cve-reports/issues/2
