Halo-1.5.0 exists to contain a stored cross-site scripting (XSS) vulnerability via \admin\index.html#/system/tools.
fit2cloud halo 1.5.0