{"id":76008,"date":"2026-01-30T19:46:39","date_gmt":"2026-01-30T16:16:39","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2020-37019-orchard-core-rc1-persistent-cross-site-scripting\/"},"modified":"2026-01-30T19:46:39","modified_gmt":"2026-01-30T16:16:39","slug":"cve-2020-37019-orchard-core-rc1-persistent-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2020-37019-orchard-core-rc1-persistent-cross-site-scripting\/","title":{"rendered":"CVE-2020-37019 &#8211; Orchard Core RC1 &#8211; Persistent Cross-Site Scripting"},"content":{"rendered":"<p>CVE ID : CVE-2020-37019<\/p>\n<p>Published :  Jan. 30, 2026, 4:16 p.m. | 54\u00a0minutes ago<\/p>\n<p>Description : Orchard Core RC1 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious scripts through blog post creation. Attackers can create blog posts with embedded JavaScript in the MarkdownBodyPart.Source parameter to execute arbitrary scripts in victim browsers.<\/p>\n<p>Severity: 6.4 | MEDIUM<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2020-37019 Published : Jan. 30, 2026, 4:16 p.m. | 54\u00a0minutes ago Description : Orchard Core RC1 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious scripts through blog post creation. Attackers can create blog posts with embedded JavaScript in the MarkdownBodyPart.Source parameter to execute arbitrary scripts in victim &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-76008","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/76008","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=76008"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/76008\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=76008"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=76008"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=76008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}