Dotnetnuke < 10.0.1 Stored Cross-Site Scripting (XSS) in Activity Feed (GHSA-wwc9-wmm3-2pmf)

According to its self-reported version, the instance of Dotnetnuke running on the remote web server is prior to 10.0.1. It is, therefore, affected by a vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

CVE-2018-15811

DNN aka DotNetNuke 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters...