Cross-site scripting (XSS) vulnerability in Default.aspx in DotNetNuke 4.8.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dotnetnuke dotnetnuke 4.8.1 |
||
dotnetnuke dotnetnuke 3.0.11 |
||
dotnetnuke dotnetnuke 1.0.10e |
||
dotnetnuke dotnetnuke 1.0.10d |
||
dotnetnuke dotnetnuke 3.0.7 |
||
dotnetnuke dotnetnuke 3.0.8 |
||
dotnetnuke dotnetnuke 1.0.7 |
||
dotnetnuke dotnetnuke 1.0.6 |
||
dotnetnuke dotnetnuke 3.1.0 |
||
dotnetnuke dotnetnuke 1.0.9 |
||
dotnetnuke dotnetnuke 3.3.5 |
||
dotnetnuke dotnetnuke 4.3.5 |
||
dotnetnuke dotnetnuke 4.0 |
||
dotnetnuke dotnetnuke 4.8.2 |
||
dotnetnuke dotnetnuke 1.0.8 |
||
dotnetnuke dotnetnuke 2.1.2 |
||
dotnetnuke dotnetnuke 2.1.1 |
||
dotnetnuke dotnetnuke 4.5.2 |
||
dotnetnuke dotnetnuke |