Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2022-32173
Disclosure Date: October 03, 2022 (last updated February 24, 2025)
In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML injection, allow an authenticated user with an editor security role to inject a persistent HTML modal dialog component into the dashboard that will affect admin users.
0
Attacker Value
Unknown
CVE-2022-0822
Disclosure Date: March 11, 2022 (last updated February 23, 2025)
Cross-site Scripting (XSS) - Reflected in GitHub repository orchardcms/orchardcore prior to 1.3.0.
0
Attacker Value
Unknown
CVE-2022-0821
Disclosure Date: March 11, 2022 (last updated February 23, 2025)
Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0.
0
Attacker Value
Unknown
CVE-2022-0820
Disclosure Date: March 11, 2022 (last updated February 23, 2025)
Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore prior to 1.3.0.
0
Attacker Value
Unknown
CVE-2022-0243
Disclosure Date: January 19, 2022 (last updated February 23, 2025)
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets prior to 1.2.2.
0
Attacker Value
Unknown
CVE-2022-0274
Disclosure Date: January 19, 2022 (last updated February 23, 2025)
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets prior to 1.2.2.
0
Attacker Value
Unknown
CVE-2022-0159
Disclosure Date: January 12, 2022 (last updated February 23, 2025)
orchardcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
0
