CVE-2009-1366

2009-04-2221:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

56.7%

JSON

Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypalipn.aspx in DotNetNuke (DNN) before 4.9.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to “name/value pairs” and “paypal IPN functionality.”