Lucene search
GoogleOSV:GHSA-RVRJ-J7CC-236PHistoryMay 17, 2022 - 1:33 a.m.
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter
2022-05-1701:33:02
Google
osv.dev
11
dotnetnuke
xss vulnerability
__dnnvariable parameter
remote attackers
web script
html
default uri
software
EPSS
0.002
Percentile
64.9%
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to inject arbitrary web script or HTML via the __dnnVariable parameter to the default URI.
References
Related
cvelist
cvelist
CVE-2013-4649
2014-03-12 14:00:00
github
github
packetstorm
packetstorm
DotNetNuke (DNN) 7.1.0 / 6.2.8 Cross Site Scripting
2013-08-13 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2018-11-16 02:04:59
cve
cve
CVE-2013-4649
2014-03-12 14:55:30
nessus
nessus
DNN (DotNetNuke) __dnnVariable Parameter XSS
2013-08-16 00:00:00
DNN (DotNetNuke) < 6.2.9 / 7.1.1 Multiple Vulnerabilities
2013-10-03 00:00:00
nvd
nvd
CVE-2013-4649
2014-03-12 14:55:30
prion
prion
Cross site scripting
2014-03-12 14:55:00
openvas
openvas