Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Users module in Orchard 1.7.3 through 1.8.2 and 1.9.x before 1.9.1 allows remote attackers to inject arbitrary web script or HTML via the username when creating a new user account, which is not properly handled when deleting an account.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Orchard Users模块跨站脚本漏洞
Vulnerability Description
Orchard是Outercurve基金会的一个以微软为主导的开源CMS项目。该项目允许使用者在Asp.Net平台上快速建立网站,并且提供扩展框架能够允许定制人员通过模块和主题等增加额外的内容。 Orchard 1.7.3版本至1.8.2版本和1.9.1之前1.9.x版本的Users模块中存在跨站脚本漏洞。远程攻击者可借助创建新用户账户时的用户名利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A