Описание
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In limited configurations, registered users may be able to craft a request to enumerate/access some portal files they should not have access to. This vulnerability is fixed in 9.13.8.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.13.8 (исключая)
cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00199
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-639
EPSS
Процентиль: 42%
0.00199
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-639