Browse all 6 CVE security advisories affecting orchardcms. AI-powered Chinese analysis, POCs, and references for each vulnerability.
OrchardCMS is an open-source content management system primarily used for building websites and web applications. Historically, it has been vulnerable to classes including remote code execution, cross-site scripting, and privilege escalation, with six CVEs documented. The platform's modular architecture introduces potential attack surfaces through extensions and themes. While no major security incidents have been widely reported, the presence of multiple CVEs indicates ongoing security challenges. Regular updates and careful module selection are recommended to mitigate risks. OrchardCMS's extensibility remains a core strength but requires vigilant security practices to prevent exploitation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-0822 | Cross-site Scripting (XSS) - Reflected in orchardcms/orchardcore — orchardcms/orchardcoreCWE-79 | 6.1 | - | 2022-03-11 |
| CVE-2022-0821 | Improper Authorization in orchardcms/orchardcore — orchardcms/orchardcoreCWE-285 | 6.5 | - | 2022-03-10 |
| CVE-2022-0820 | Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore — orchardcms/orchardcoreCWE-79 | 5.4 | - | 2022-03-10 |
| CVE-2022-0243 | Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore — orchardcms/orchardcoreCWE-79 | 5.4 | - | 2022-01-19 |
| CVE-2022-0274 | Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore — orchardcms/orchardcoreCWE-79 | 5.4 | - | 2022-01-19 |
| CVE-2022-0159 | Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore — orchardcms/orchardcoreCWE-79 | 5.4 | - | 2022-01-12 |
This page lists every published CVE security advisory associated with orchardcms. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.