2 matches found
Authorization Bypass Through User-Controlled Key
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key that allows an attacker to enumerate sensitive files by manipulating request...
Server-side Request Forgery (SSRF)
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via GET requests. An attacker can execute arbitrary requests and retrieve partial responses from...