HomePentest-Tools.com Logo

DotNetNuke < 8.0.1 XSS Vulnerability CVE-2016-7119

Severity
CVSSv3 Score
5.4
Vulnerability description

DotNetNuke is prone to a cross-site scripting (XSS) vulnerability.

Risk description

The flaw is due to improper handling of user-profile biography section. Successful exploitation will allow remote authenticated users to inject arbitrary web script.

Recommendation

Update to version 8.0.1 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Aug 31, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available