Lucene search
K

6 matches found

Snyk
Snyk
added 2026/02/25 4:13 p.m.5 views

Malicious Package

Overview microsoft-cms-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/21 5:38 p.m.11 views

Malicious code in microsoft-cms-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c507e9ca51bd8797443e8339d9069ce7a53d5b16d99e2198f6f856fcfa5a1ecf The package microsoft-cms-client was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/02/21 5:38 p.m.6 views

MAL-2026-978 Malicious code in microsoft-cms-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c507e9ca51bd8797443e8339d9069ce7a53d5b16d99e2198f6f856fcfa5a1ecf The package microsoft-cms-client was found to contain malicious code. Source: ghsa-malware...

5.6AI score
Exploits0References1
OSV
OSV
added 2025/06/21 2:40 a.m.15 views

CVE-2025-52485 DNN.PLATFORM Allows Stored Cross-Site Scripting (XSS) in Activity Feed

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request to inject scripts in the Activity Feed Attachments endpoint which will then render in the feed. This issue...

5.1CVSS6.4AI score0.00178EPSS
Exploits0References3
NVD
NVD
added 2025/04/09 4:15 p.m.25 views

CVE-2025-32374

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Possible denial of service with specially crafted information in the public registration form. This vulnerability is fixed in 9.13.8...

7.5CVSS0.00352EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/09 3:14 p.m.33 views

CVE-2025-32371 Unexpected external content may be displayed in DNN ImageHandler

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. A url could be crafted to the DNN ImageHandler to render text from a querystring parameter. This text would display in the resulting image and a user that trusts the domain might think that t...

4.3CVSS0.00263EPSS
Exploits0References2
Rows per page
Query Builder