Cross-site scripting (XSS) vulnerability in the Language skin object in DotNetNuke prior to 4.8.4 allows remote malicious users to inject arbitrary web script or HTML via "newly generated paths."
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
dotnetnuke dotnetnuke 1.0.8 |
||
dotnetnuke dotnetnuke 2.1.1 |
||
dotnetnuke dotnetnuke 1.0.10e |
||
dotnetnuke dotnetnuke 1.0.10d |
||
dotnetnuke dotnetnuke 3.3.5 |
||
dotnetnuke dotnetnuke 4.0 |
||
dotnetnuke dotnetnuke 4.5.5 |
||
dotnetnuke dotnetnuke 4.6.0 |
||
dotnetnuke dotnetnuke 1.0.7 |
||
dotnetnuke dotnetnuke 1.0.6 |
||
dotnetnuke dotnetnuke 4.3.5 |
||
dotnetnuke dotnetnuke 4.5.2 |
||
dotnetnuke dotnetnuke 4.6.1 |
||
dotnetnuke dotnetnuke 4.7.0 |
||
dotnetnuke dotnetnuke 2.1.2 |
||
dotnetnuke dotnetnuke 3.0.8 |
||
dotnetnuke dotnetnuke 3.1.0 |
||
dotnetnuke dotnetnuke 4.8.1 |
||
dotnetnuke dotnetnuke 4.5.4 |
||
dotnetnuke dotnetnuke 1.0.9 |
||
dotnetnuke dotnetnuke 3.0.11 |
||
dotnetnuke dotnetnuke 3.0.7 |
||
dotnetnuke dotnetnuke 4.6.2 |
||
dotnetnuke dotnetnuke 4.8.2 |
||
dotnetnuke dotnetnuke 4.8.0 |
||
dotnetnuke dotnetnuke |
Vulmon