Lucene search
K

754 matches found

EUVD
EUVD
added 2026/01/27 11:53 p.m.4 views

EUVD-2026-4864

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a module friendly name could include scripts that will run during some module operations in the Persona Bar. Versions 9.13....

7.6CVSS5.9AI score0.00249EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 11:51 p.m.16 views

CVE-2026-24836

The CVE-2026-24836 issue affects DotNetNuke (DNN) core: versions 9.0.0 through <9.13.10 and

7.6CVSS5.9AI score0.00226EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/01/27 11:51 p.m.31 views

CVE-2026-24836 DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

7.6CVSS0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/27 11:51 p.m.6 views

EUVD-2026-4863

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

7.6CVSS5.9AI score0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/27 11:51 p.m.10 views

CVE-2026-24836 DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

7.6CVSS5.9AI score0.00226EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 11:51 p.m.3 views

CVE-2026-24836

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

7.6CVSS5.9AI score0.00226EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/27 11:51 p.m.7 views

CVE-2026-24836 DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

7.6CVSS5.9AI score0.00226EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/27 11:49 p.m.6 views

EUVD-2026-4862

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, a module could install with richtext in its description field which could contain scripts that will run for user in the Persona Bar. Versions 9.13.10 and...

7.6CVSS5.9AI score0.00174EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 11:49 p.m.5 views

CVE-2026-24833 DotNetNuke.Core Vulnerable to Stored XSS in Module Description

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, a module could install with richtext in its description field which could contain scripts that will run for user in the Persona Bar. Versions 9.13.10 and...

7.6CVSS5.9AI score0.00174EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/27 11:49 p.m.29 views

CVE-2026-24833 DotNetNuke.Core Vulnerable to Stored XSS in Module Description

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, a module could install with richtext in its description field which could contain scripts that will run for user in the Persona Bar. Versions 9.13.10 and...

7.6CVSS0.00174EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/27 11:49 p.m.2 views

CVE-2026-24833 DotNetNuke.Core Vulnerable to Stored XSS in Module Description

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, a module could install with richtext in its description field which could contain scripts that will run for user in the Persona Bar. Versions 9.13.10 and...

7.6CVSS5.9AI score0.00174EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 11:49 p.m.13 views

CVE-2026-24833

DotNetNuke (DNN) Platform versions prior to 9.13.10 and 10.2.0 are affected by a stored XSS in the module description (richtext) that can execute scripts in the Persona Bar. Root cause: descriptions in module installation may contain un sanitized scripts. Affected component: DotNetNuke.Core. Reme...

7.6CVSS5.9AI score0.00174EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/27 11:49 p.m.3 views

CVE-2026-24833

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, a module could install with richtext in its description field which could contain scripts that will run for user in the Persona Bar. Versions 9.13.10 and...

7.6CVSS5.9AI score0.00174EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/27 11:47 p.m.3 views

CVE-2026-24784

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...

6.8CVSS5.9AI score0.0016EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/01/27 11:47 p.m.15 views

CVE-2026-24784

CVE-2026-24784 affects DotNetNuke/DNN: a stored XSS vulnerability in module headers/footers that could allow script injection run in other users’ contexts. The issue occurs in DNN versions 9.0.0 up to, but not including, 9.13.10 and 10.2.0; 9.13.10 and 10.2.0 contain fixes. Impact is described as...

6.8CVSS5.9AI score0.0016EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/27 11:47 p.m.2 views

CVE-2026-24784 DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...

6.8CVSS5.9AI score0.0016EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/27 11:47 p.m.32 views

CVE-2026-24784 DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...

6.8CVSS0.0016EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 11:47 p.m.4 views

CVE-2026-24784 DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...

6.8CVSS5.9AI score0.0016EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.8 views

PT-2026-5040

Name of the Vulnerable Software and Affected Versions DNN formerly DotNetNuke versions prior to 9.13.10 DNN formerly DotNetNuke versions prior to 10.2.0 Description DNN formerly DotNetNuke is an open-source web content management platform. Prior to versions 9.13.10 and 10.2.0, a module could be...

7.6CVSS5.3AI score0.00174EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.6 views

PT-2026-5042

Name of the Vulnerable Software and Affected Versions DNN formerly DotNetNuke versions 9.0.0 through 9.13.9 DNN formerly DotNetNuke versions 10.0.0 through 10.1.x Description DNN formerly DotNetNuke is an open-source web content management platform. A module friendly name can include scripts that...

7.6CVSS5.3AI score0.00249EPSS
Exploits0References9
Rows per page
Query Builder