Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:7813
HistoryNov 16, 2018 - 2:04 a.m.

Cross-Site Scripting (XSS)

2018-11-1602:04:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6

EPSS

0.002

Percentile

64.9%

JSON

DotNetNuke.Core is vulnerable to cross-site scripting. A remote attacker is able to inject arbitrary Javascript into a victim’s browser to steal session tokens or perform unwanted actions on behalf of the user via the __dnnVariable parameter to the default URI.

Related

cve 1
cvelist 1
github 1
packetstorm 1
nessus 2
nvd 1
prion 1
osv 1
openvas 1
cve
cve
CVE-2013-4649
2014-03-12 14:55:30
cvelist
cvelist
CVE-2013-4649
2014-03-12 14:00:00
github
github
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter
2022-05-17 01:33:02
packetstorm
packetstorm
DotNetNuke (DNN) 7.1.0 / 6.2.8 Cross Site Scripting
2013-08-13 00:00:00
nessus
nessus
DNN (DotNetNuke) __dnnVariable Parameter XSS
2013-08-16 00:00:00
DNN (DotNetNuke) < 6.2.9 / 7.1.1 Multiple Vulnerabilities
2013-10-03 00:00:00
nvd
nvd
CVE-2013-4649
2014-03-12 14:55:30
prion
prion
Cross site scripting
2014-03-12 14:55:00
osv
osv
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter
2022-05-17 01:33:02
openvas
openvas
DotNetNuke 6.x < 6.2.9, 7.x < 7.1.1 Redirection Weakness and XSS Vulnerabilities
2013-08-21 00:00:00

EPSS

0.002

Percentile

64.9%

JSON
Related for VERACODE:7813
cve1cvelist1github1packetstorm1nessus2nvd1prion1osv1openvas1