dotnetnuke.core vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the dotnetnuke.core package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Incorrect Authorization	[7.0.0,10.0.1)
M Cross-site Scripting (XSS)	[,10.0.1)
H Exposure of Sensitive System Information to an Unauthorized Control Sphere	[,10.0.1)
M Cross-site Scripting (XSS)	[,10.0.1)
M Cross-site Scripting (XSS)	[,9.13.9)
M Cross-site Scripting (XSS)	[,9.13.9)
M User Interface (UI) Misrepresentation of Critical Information	[,9.13.4)
H Authorization Bypass Through User-Controlled Key	[,9.13.8)
H Denial of Service (DoS)	[,9.13.8)
M Server-side Request Forgery (SSRF)	[,9.13.8)
L Reliance on File Name or Extension of Externally-Supplied File	[,9.13.2)
L Guessable CAPTCHA	[,9.13.8)
M Cross-site Scripting (XSS)	[0,)
M Cross-site Scripting (XSS)	[0,)
H Remote Code Execution (RCE)	[,9.1.1)
M Information Exposure	[9.5.0,)
H Inadequate Encryption Strength	[9.2.0,9.2.2)
H Cryptographic Issues	[9.2.0,9.2.2)
H Cryptographic Issues	[9.2.0,9.3.0)
H Inadequate Encryption Strength	[9.2.0,9.3.0)
M Cross-site Scripting (XSS)	[,9.4.0)
M Cross-site Scripting (XSS)	[,6.2.9)[7.0,7.1.1)
M Cross-site Scripting (XSS)	[6.0.0,6.1.0)
M Cross-site Scripting (XSS)	[,7.4.0)
M Cross-site Scripting (XSS)	[,8.0.1)
C Privilege Escalation	[,7.4.1)
H Server-side Request Forgery (SSRF)	[,9.2.0)