Описание
High severity vulnerability that affects DotNetNuke.Core
DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.
Пакеты
Наименование
DotNetNuke.Core
nuget
Затронутые версииВерсия исправления
< 9.2.0
9.2.0
Связанные уязвимости
CVSS3: 7.5
nvd
больше 7 лет назад
DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.