2 matches found
CVE-2020-29593
An issue was discovered in Orchard before 1.10. The Media Settings Allowed File Types list field allows an attacker to add a XSS payload that will execute when users attempt to upload a disallowed file type, causing the error to display...
CVE-2020-29593
CVE-2020-29593 affects Orchard CMS before 1.10. The vulnerability arises in the Media Settings: Allowed File Types list, where an attacker can insert an XSS payload that executes when a user uploads a disallowed file type, causing an error message to display. The issue is confirmed across multipl...