Описание
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Display Name field in the Manage Profile.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.2.8 (включая)
Одно из
cpe:2.3:a:dotnetnuke:dotnetnuke:*:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:1.0.10d:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:1.0.10e:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:3.3.5:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.0:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.5.2:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.5.4:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.5.5:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.7.0:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.8.0:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.8.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.8.2:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.8.3:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.8.4:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.9:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.2:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:5.0:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:5.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:5.05.01:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:5.06.00:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.1.2:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.1.3:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.1.4:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.1.5:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.2.2:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.2.3:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.2.4:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.2.5:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.2.6:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:6.2.7:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:dotnetnuke:dotnetnuke:7.1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00209
Низкий
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Display Name field in the Manage Profile.
EPSS
Процентиль: 43%
0.00209
Низкий
3.5 Low
CVSS2
Дефекты
CWE-79