2 matches found
CVE-2020-15263
The CVE-2020-15263 entry describes an XSS vulnerability in the orchid/platform (and related variants) prior to version 9.4.4. The issue arises when inline attributes are not properly escaped, allowing cross-site scripting if user-provided data is not escaped. Affected versions range from 9.0.0 up...
CVE-2020-15263 XSS in platform
In platform before version 9.4.4, inline attributes are not properly escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. The issue was introduced in 9.0.0 and fixed in 9.4.4...