4 matches found
DNN (DotNetNuke) < 5.3.0 SearchResults.aspx XSS
The version of DNN installed on the remote host is affected by a cross-site scripting vulnerability due to a failure to properly sanitize user-supplied input to the 'Search' parameter of the 'SearchResults.aspx' script before using it to generate dynamic HTML output. An unauthenticated, remote...
CVE-2009-4110
Cross-site scripting XSS vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page...
CVE-2009-4110
The CVE-2009-4110 entry applies to DotNetNuke (DNN) 4.8.x through 5.1.4, where the Search functionality in SearchResults.aspx is vulnerable to cross-site scripting (XSS) due to insufficient sanitization of the user-provided search terms before dynamic HTML output. The vulnerability is exploitable...
CVE-2009-4110
Cross-site scripting XSS vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page...