CVE-2022-32173

Published: Oct 3, 2022

Modified: Sep 16, 2024

PUBLISHED

Description

In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML injection, allow an authenticated user with an editor security role to inject a persistent HTML modal dialog component into the dashboard that will affect admin users.

Vendor	Product	Versions
OrchardCore	OrchardCore	affected `v0.0.1 - < unspecified` affected `unspecified - <= rc2-13929`

Weaknesses (CWE)

CWE-79

References

https://www.mend.io/vulnerability-database/CVE-2022-32173

x_refsource_MISC

https://github.com/OrchardCMS/OrchardCore/commit/0163c88ddeaca39815d7e6e5ea1c8391085cc136

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-32173

Description

Affected Products

Weaknesses (CWE)

References