CVE-2022-0820

Name of the Vulnerable Software and Affected Versions orchardcore versions prior to 1.3.0

Description The issue is related to Cross-site Scripting (XSS) - Stored, which occurs when an application stores user input without proper validation and later displays it, allowing attackers to inject malicious scripts. This affects the GitHub repository orchardcms/orchardcore.

Recommendations For versions prior to 1.3.0, update to version 1.3.0 or later to resolve the issue. As a temporary workaround, consider restricting user input validation to minimize the risk of exploitation.