CVE-2022-0820 | THREATINT

Description

Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore prior to 1.3.0.

PUBLISHED Reserved 2022-03-01 | Published 2022-03-10 | Updated 2024-08-02 | Assigner @huntrdev

MEDIUM: 4.7CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Problem types

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Product status

Any version before 1.3.0

affected

References

huntr.dev/bounties/d00e7175-4764-4962-ae0d-a66501dda2e6

github.com/...ommit/b7096af1028d8f909f63dd076d1bbd573913a92d

huntr.dev/bounties/d00e7175-4764-4962-ae0d-a66501dda2e6

github.com/...ommit/b7096af1028d8f909f63dd076d1bbd573913a92d

cve.org (CVE-2022-0820)

nvd.nist.gov (CVE-2022-0820)

Download JSON

help @ threatint.eu