9 matches found
CVE-2026-24784
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...
DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer
A content editor could inject scripts in module headers/footers that would run for other users...
GHSA-JJWG-4948-6WXP DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer
A content editor could inject scripts in module headers/footers that would run for other users...
CVE-2026-24784
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...
CVE-2026-24784 DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...
CVE-2026-24784
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...
CVE-2026-24784 DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...
CVE-2026-24784
CVE-2026-24784 affects DotNetNuke/DNN: a stored XSS vulnerability in module headers/footers that could allow script injection run in other users’ contexts. The issue occurs in DNN versions 9.0.0 up to, but not including, 9.13.10 and 10.2.0; 9.13.10 and 10.2.0 contain fixes. Impact is described as...
PT-2026-5039
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...