Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/04/11 4:1 p.m.6 views

CVE-2025-32372

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. A bypass has been identified for the previously known vulnerability CVE-2017-0929, allowing unauthenticated attackers to execute arbitrary GET requests against target systems, including...

7.5CVSS7.5AI score0.12543EPSS
Exploits0References1
OSV
OSV
added 2025/04/09 3:14 p.m.14 views

CVE-2025-32372 Server-Side Request Forgery (SSRF) in DotNetNuke.Core

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. A bypass has been identified for the previously known vulnerability CVE-2017-0929, allowing unauthenticated attackers to execute arbitrary GET requests against target systems, including...

6.5CVSS7.9AI score0.0036EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/09 3:14 p.m.9 views

CVE-2025-32372 Server-Side Request Forgery (SSRF) in DotNetNuke.Core

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. A bypass has been identified for the previously known vulnerability CVE-2017-0929, allowing unauthenticated attackers to execute arbitrary GET requests against target systems, including...

6.5CVSS7.5AI score0.0036EPSS
Exploits0References2
CVE
CVE
added 2025/04/09 3:14 p.m.77 views

CVE-2025-32372

CVE-2025-32372 : DNN (DotNetNuke) exposes a bypass of CVE-2017-0929 enabling unauthenticated, semi‑blind SSRF via arbitrary GET requests to internal or external URLs. Public sources reference this as a server-side request forgery affecting DNN, with a fixed revision in 9.13.8; Nessus/NVD entries ...

7.5CVSS6.7AI score0.0036EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/04/09 3:14 p.m.32 views

CVE-2025-32372 Server-Side Request Forgery (SSRF) in DotNetNuke.Core

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. A bypass has been identified for the previously known vulnerability CVE-2017-0929, allowing unauthenticated attackers to execute arbitrary GET requests against target systems, including...

6.5CVSS0.0036EPSS
Exploits0References2
Rows per page
Query Builder