Cross-site Request Forgery (CSRF)
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF in the AddFriend functionality. An attacker can send a request that forces another user to accept...