EPSS
Percentile
38.4%
DotNetNuke.Core is vulnerable to cross-site scripting. A remote authenticated attacker is able to inject arbitrary Javascript via the Display Name field under Manage Profile.
Display Name
Manage Profile
secunia.com/advisories/53493
www.dnnsoftware.com/platform/manage/security-center
www.securityfocus.com/bid/61809