HomePentest-Tools.com Logo

DotNetNuke 4.8 - 5.1.4 XSS Vulnerability CVE-2009-4110

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

DotNetNuke is prone to a cross-site scripting (XSS) vulnerability.

Risk description

The flaw is due to input passed to the search parameters are not properly sanitized before being returned to the user. Successful attack could lead to execution of arbitrary HTML and script code in the context of an affected site.

Recommendation

Update to version 5.2.0 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Nov 29, 2009
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available