Medium severity6.4NVD Advisory· Published Jan 30, 2026· Updated Apr 15, 2026
CVE-2020-37019
CVE-2020-37019
Description
Orchard Core RC1 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious scripts through blog post creation. Attackers can create blog posts with embedded JavaScript in the MarkdownBodyPart.Source parameter to execute arbitrary scripts in victim browsers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: = RC1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.