CVE-2026-24833

DotNetNuke (DNN) Platform versions prior to 9.13.10 and 10.2.0 are affected by a stored XSS in the module description (richtext) that can execute scripts in the Persona Bar. Root cause: descriptions in module installation may contain un sanitized scripts. Affected component: DotNetNuke.Core. Reme...

DotNetNuke arbitrary code execution vulnerability(CVE-2017-9822)

0x00 background description DNN uses web cookies to identify users. A malicioususer can decode one of such cookies and identify who that user is, and possiblyimpersonate other users and even upload malicious code to the server. --DNNsecurity-center 2017 7 November 5, DNN security sector released ...