CVE-2022-37720
- Reference to the description:
- Description:
- Orchardproject Orchard CMS 1.10.3 is vulnerable to Cross Site Scripting (XSS). When a low privileged user such as an author or publisher, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation when the malicious blog post is loaded in the victim's browser.
- Last updated date:
- 11/29/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 11/29/2022
- Reference url to background