4 matches found
EUVD-2025-30452
Malicious code in bioql PyPI...
CVE-2025-59539 DNN affected by Stored Cross-Site Scripting (XSS) in Profile Biography field
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, when embedding information in the Biography field, even if that field is not rich-text, users could inject javascript code that would run in the context of the websit...
CVE-2025-59539
DNN (DotNetNuke) before 10.1.0 is vulnerable to Stored XSS in the Biography field where non‑rich text can inject JavaScript; it's patched in 10.1.0. Upgrade to 10.1.0+ or apply the vendor fix. The issue affects profile views including admins/superusers as described in the CVE details.
CVE-2025-59539 DNN affected by Stored Cross-Site Scripting (XSS) in Profile Biography field
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, when embedding information in the Biography field, even if that field is not rich-text, users could inject javascript code that would run in the context of the websit...