0.001 Low
EPSS
Percentile
21.6%
cypress-orchardcore is vulnerable to cross-site scripting. An attacker can inject and execute malicious javascript through the menu editing function of the library.
github.com/orchardcms/orchardcore/commit/218f25ddfadb66a54de7a82dffe3ab2e4ab7c4b4
github.com/OrchardCMS/OrchardCore/pull/11034
huntr.dev/bounties/a82a714a-9b71-475e-bfc3-43326fcaf764
huntr.dev/bounties/a82a714a-9b71-475e-bfc3-43326fcaf764/