DNN (aka DotNetNuke) 9.2 up to and including 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dnnsoftware dotnetnuke |