Dotnetnuke : Security Vulnerabilities, CVEs, Published In 2014
Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.15%
Published
2014-03-12
Updated
2014-03-13
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to inject arbitrary web script or HTML via the __dnnVariable parameter to the default URI.
Max CVSS
4.3
EPSS Score
0.25%
Published
2014-03-12
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Display Name field in the Manage Profile.
Max CVSS
3.5
EPSS Score
0.09%
Published
2014-03-12
Updated
2014-03-13
3 vulnerabilities found