Cross-site scripting (XSS) vulnerability in Default.aspx in Perpetual Motion Interactive Systems DotNetNuke prior to 3.3.5, and 4.x prior to 4.3.5, allows remote malicious users to inject arbitrary HTML via the error parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dotnetnuke dotnetnuke 2.1.1 |
||
dotnetnuke dotnetnuke 1.0.10e |
||
dotnetnuke dotnetnuke 1.0.10d |
||
dotnetnuke dotnetnuke 1.0.7 |
||
dotnetnuke dotnetnuke 1.0.8 |
||
dotnetnuke dotnetnuke 1.0.6 |
||
dotnetnuke dotnetnuke 1.0.9 |
||
dotnetnuke dotnetnuke 3.0.8 |
||
dotnetnuke dotnetnuke 2.1.2 |
||
dotnetnuke dotnetnuke 4.0 |
||
dotnetnuke dotnetnuke 3.0.7 |
||
dotnetnuke dotnetnuke 3.1.0 |