Package Instance

DNN vulnerable to Relative Path Traversal
DNN (GitHub repository dnnsoftware/dnn.platform) prior to 9.11.0 is vulnerable to Relative Path Traversal. Version 9.11.0 contains a patch for this issue.

DotNetNuke.Core has stored cross-site-scripting (XSS) via SVG upload
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 10.2.2, a user could upload a specially crafted SVG file that could include scripts that can target both authenticated and unauthenticated DNN users. The impact is increased if the scripts are run by a power user. Version 10.2.2 patches the issue.

DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes
Extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed.

DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload
Sanitization of the content of uploaded SVG files was not covering all possible XSS scenarios.

DNN allows loading unused themes on anonymous clients through query parameters
Arbitrary themes can be loaded through query parameters. If an installed theme had a vulnerability, even if it was not used on any page, this could be loaded on unsuspecting clients without knowledge of the site owner.

DotNetNuke.Core Vulnerable to Server-Side Request Forgery (SSRF)
A bypass has been identified for the previously known vulnerability CVE-2017-0929, allowing unauthenticated attackers to execute arbitrary GET requests against target systems, including internal or adjacent networks.

DNN: Force Friend Request Acceptance
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Starting in version 6.0.0 and prior to version 10.2.2, in the friends feature, a user could craft a request that would force the acceptance of a friend request on another user. Version 10.2.2 patches the issue.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file.

Duplicate
This advisory duplicates another.

DNN Vulnerable to Stored Cross-Site Scripting (XSS) in the Prompt module
The Prompt module allows execution of commands that can return raw HTML. Malicious input, even if sanitized for display elsewhere, can be executed when processed through certain commands, leading to potential script execution (XSS).

DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline
Uploaded SVG files could contain scripts and if rendered inline those scripts could run allowing XSS attacks.

DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation Modal
A module friendly name could include scripts that will run during some module operations in the Persona Bar.

DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer
A content editor could inject scripts in module headers/footers that would run for other users.

DotNetNuke.Core Vulnerable to Stored XSS via Module Title
Module title supports richtext which could include scripts that would execute in certain scenarios.

DotNetNuke.Core security code analysis rules triggered
The codebase raises code analysis warnings related to security, including CA3075, CA5366, CA5371, CA5368, CA5369, CA5372, CA5379, CA5350, and CA5351.

Most of these deal with disabling DTD processing in XML documents, but also includes cryptographic algorithm choices.

Reflected Cross-Site Scripting (XSS) in module actions in edit mode
A specially crafted URL may be constructed which can inject an XSS payload that is triggered by using some module actions.

DNN vulnerable to Reflected Cross-Site Scripting (XSS) using url to profile
A reflected cross-site scripting (XSS) vulnerability exists under certain conditions, using a specially crafter url to view a user profile