Search for vulnerabilities
| Vulnerability ID | VCID-q7dx-jb8e-wua4 |
| Aliases |
GHSA-fcpv-w245-r2q7
|
| Summary | DotNetNuke.Core security code analysis rules triggered The codebase raises code analysis warnings related to security, including CA3075, CA5366, CA5371, CA5368, CA5369, CA5372, CA5379, CA5350, and CA5351. Most of these deal with disabling DTD processing in XML documents, but also includes cryptographic algorithm choices. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 2.7 |
| Risk | 1.4 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| cvssv3.1_qr | LOW | https://github.com/advisories/GHSA-fcpv-w245-r2q7 |
| generic_textual | LOW | https://github.com/dnnsoftware/Dnn.Platform |
| cvssv3.1_qr | LOW | https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-fcpv-w245-r2q7 |
| generic_textual | LOW | https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-fcpv-w245-r2q7 |
| Reference id | Reference type | URL |
|---|---|---|
| https://github.com/dnnsoftware/Dnn.Platform | ||
| https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-fcpv-w245-r2q7 | ||
| GHSA-fcpv-w245-r2q7 | https://github.com/advisories/GHSA-fcpv-w245-r2q7 |
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-06-12T07:46:45.753392+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/04/GHSA-fcpv-w245-r2q7/GHSA-fcpv-w245-r2q7.json | 38.6.0 |