2 matches found
CVE-2022-32173
creationtimestamp| type| source ---|---|--- 2022-10-03 16:39:08+00:00| seen| https://t.me/cibsecurity/50825...
CVE-2022-32173
The CVE pertains to OrchardCore versions rc1-11259 through v1.2.2, where an authenticated user with an editor role can inject a persistent HTML modal into the dashboard, potentially affecting admin users due to insufficient input filtering/escaping. Root cause: lack of proper sanitization in edit...