A non-persistent XSS vulnerability has been discovered in the Orchard.Comments module that is distributed with the core distribution of the CMS. The module could in some circumstances let an external website render custom scripts on an Orchard website. This vulnerability might ultimately be used to gather your credentials if you further authenticate on the targeted Orchard website.
All released versions of Orchard are vulnerable and need to be patched immediately.
We are releasing today (April 30, 2013) a new version 1.6.1 of Orchard 1.6 that has the patch in place. This new version is replacing the previously available download. If you are downloading Orchard 1.6.1 today, you do not need to take any additional steps. The latest 1.x development branch is already patched as well. We are also releasing patch files for each version of Orchard from 1.0 to 1.6 that can be applied to existing web sites.
Great to see that security risks are getting patched immediately !
In addition to everything which WebMatrix 2 offers, WebMatrix 3 brings you easy access to your Windows Azure websites. Icon-sized previews of your sites make them easy to find and open. Access your remote sites as seamlessly as local sites. When you need to protect your work or collaborate on team projects, you’ll love our integration of Git and TFS source control systems. These are just a few of the highly requested features we’ve added in WebMatrix 3! http://www.microsoft.com/web/post/webmatrix-3-preview-how-to-articles
Orchard CMS is a free, open source content management system that allows users to rapidly create web sites on the Microsoft ASP.NET platform. It is built on a flexible extensibility framework that enables developers and customizers to provide additional functionality through extensions and themes.
TwitSpark™ is an easy-to-use tool that helps you and your team take full control over twitter conversations concerning your brand, by storing, sorting and automatically following up on them, turning your twitter account into a powerful support system.