Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/29 3:26 a.m.14 views

CVE-2026-24838

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, module title supports richtext which could include scripts that would execute in certain scenarios. Versions 9.13.10 and 10.2.0 contain a fix for the iss...

9.1CVSS6AI score0.00188EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 12:15 a.m.6 views

CVE-2026-24837

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a module friendly name could include scripts that will run during some module operations in the Persona Bar. Versions 9.13....

7.6CVSS0.00249EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.8 views

DNN Cross-Site Scripting Vulnerabilities

DNN also known as DotNetNuke is an open-source content management system CMS developed by the American company DNN, supported by Microsoft and based on the ASP.NET platform. This system features easy installation, scalability, and rich functionality. Versions of DNN prior to 9.13.10 and 10.2.0...

7.6CVSS5.6AI score0.00174EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/27 11:58 p.m.26 views

CVE-2026-24838 DotNetNuke.Core Vulnerable to Stored XSS via Module Title

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, module title supports richtext which could include scripts that would execute in certain scenarios. Versions 9.13.10 and 10.2.0 contain a fix for the iss...

9.1CVSS0.00188EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 11:53 p.m.16 views

CVE-2026-24837

DNN (DotNetNuke) prior to version 9.13.10 and 10.2.0 is affected by a Stored XSS in the Module Deletion Confirmation Modal caused by the module friendly name containing scripts. The issue is addressed in 9.13.10 and 10.2.0, which contain the fix. Exploitation context is limited to remote abuse re...

7.6CVSS5.9AI score0.00249EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/27 11:49 p.m.3 views

CVE-2026-24833 DotNetNuke.Core Vulnerable to Stored XSS in Module Description

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, a module could install with richtext in its description field which could contain scripts that will run for user in the Persona Bar. Versions 9.13.10 and...

7.6CVSS5.9AI score0.00174EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.6 views

PT-2026-5042

Name of the Vulnerable Software and Affected Versions DNN formerly DotNetNuke versions 9.0.0 through 9.13.9 DNN formerly DotNetNuke versions 10.0.0 through 10.1.x Description DNN formerly DotNetNuke is an open-source web content management platform. A module friendly name can include scripts that...

7.6CVSS5.3AI score0.00249EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.11 views

PT-2026-5040

Name of the Vulnerable Software and Affected Versions DNN formerly DotNetNuke versions prior to 9.13.10 DNN formerly DotNetNuke versions prior to 10.2.0 Description DNN formerly DotNetNuke is an open-source web content management platform. Prior to versions 9.13.10 and 10.2.0, a module could be...

7.6CVSS5.3AI score0.00174EPSS
Exploits0References7
Rows per page
Query Builder