Orchardcore

orchardcore

Vendor: Orchardcore • 7 CVEs

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-32173 1Orchardcore 1Orchardcore Nov 21, 2024 Oct 3, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML injection, allow an authenticated user with an editor security role to inject a persistent HTML modal dialog component into the dashboard that will affect admin users...Show more In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML injection, allow an authenticated user with an editor security role to inject a persistent HTML modal dialog component into the dashboard that will affect admin users.Show less
CVE-2022-0822 1Orchardcore 1Orchardcore Nov 21, 2024 Mar 11, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site Scripting (XSS) - Reflected in GitHub repository orchardcms/orchardcore prior to 1.3.0.
CVE-2022-0821 1Orchardcore 1Orchardcore Nov 21, 2024 Mar 11, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0.
CVE-2022-0820 1Orchardcore 1Orchardcore Nov 21, 2024 Mar 11, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore prior to 1.3.0.
CVE-2022-0243 1Orchardcore 1Orchardcore Nov 21, 2024 Jan 19, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets prior to 1.2.2.
CVE-2022-0274 1Orchardcore 1Orchardcore Nov 21, 2024 Jan 19, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets prior to 1.2.2.
CVE-2022-0159 1Orchardcore 1Orchardcore Nov 21, 2024 Jan 12, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 orchardcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')