Microsoft is providing notification of the discovery and remediation of a vulnerability affecting DotNetNuke 6.0.2 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, DotNetNuke. DotNetNuke has remediated the vulnerability in their software.
Microsoft Vulnerability Research reported this issue to and coordinated with DotNetNuke to ensure remediation of this issue. The vulnerability has been assigned the entry, CVE-2012-1036, in the Common Vulnerabilities and Exposures list. For more information, including information about updates from DotNetNuke, see DotNetNuke Security Bulletin 59.