TODO

2019-07-05T21:08:20
ID GHSA-XX3H-J3CX-8QFJ
Type github
Reporter GitHub Advisory Database
Modified 2020-04-08T15:47:43

Description

DNN (aka DotNetNuke) 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812.