4 matches found
CVE-2012-1030
Cross-site scripting XSS vulnerability in DotNetNuke 6.x through 6.0.2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted URL containing text that is used within a modal popup...
CVE-2012-1030
Cross-site scripting XSS vulnerability in DotNetNuke 6.x through 6.0.2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted URL containing text that is used within a modal popup...
CVE-2012-1030
CVE-2012-1030 concerns a Cross-Site Scripting (XSS) flaw in DotNetNuke 6.x up to 6.0.2. The issue arises from how script information is validated in a specially crafted URL used with a modal popup, allowing a user-assisted remote attacker to inject arbitrary script or HTML into a victim’s browser...
Vulnerability in DotNetNuke Could Allow Arbitrary Script Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting DotNetNuke 6.0.0 through version 6.0.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, DotNetNuke. DotNetNuk...