2 matches found
EUVD-2025-36565
DNN vulnerable to stored cross-site-scripting XSS via SVG upload...
Cross-site Scripting (XSS)
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the rendering of inline SVG files. An attacker can execute arbitrary scripts in the context of the...