2 matches found
CVE-2013-4649
DotNetNuke (DNN) is affected by a cross-site scripting (XSS) vulnerability (CVE-2013-4649) in which user input to the __dnnVariable parameter on the default URI is not sanitized. Affected versions are DNN before 6.2.9 and 7.x before 7.1.1, enabling remote attackers to inject arbitrary script/HTML...
DotNetNuke (DNN) 7.1.0 / 6.2.8 Cross Site Scripting
Title: DotNetNuke DNN Cross-Site Scripting Vulnerability References: CVE-2013-4649 Discovered by: Sajjad Pourali , Nasser Salim Al-Hadhrami Vendor http://dnnsoftware.com/ Vendor advisory: http://www.dnnsoftware.com/Platform/Manage/Security-Bulletins 2013-07 Vendor contact: 2013-06-23 Vendor...