Mojav3R

**Name of the Vulnerable Software and Affected Versions** DNN (formerly DotNetNuke) versions prior to 9.13.10 DNN (formerly DotNetNuke) versions prior to 10.2.0 **Description** DNN (formerly DotNetNuke) is an open-source web content management platform. Prior to versions 9.13.10 and 10.2.0, a module could be installed with rich text in its description field. This rich text could contain scripts that execute for users within the Persona Bar. **Recommendations** Update to DNN version 9.13.10 or later. Update to DNN version 10.2.0 or later.

**Name of the Vulnerable Software and Affected Versions** DNN (formerly DotNetNuke) versions 9.0.0 through 9.13.9 DNN (formerly DotNetNuke) versions 10.0.0 through 10.1.9 **Description** DNN (formerly DotNetNuke) is an open-source web content management platform. Extensions could write rich text in log notes, potentially including scripts that execute within the PersonaBar when displayed. **Recommendations** Update to version 9.13.10 or later. Update to version 10.2.0 or later.

**Name of the Vulnerable Software and Affected Versions** DNN (formerly DotNetNuke) versions 9.0.0 through 9.13.9 DNN (formerly DotNetNuke) versions 10.0.0 through 10.1.x **Description** DNN (formerly DotNetNuke) is an open-source web content management platform. A module friendly name can include scripts that execute during certain module operations within the Persona Bar. **Recommendations** Update to version 9.13.10 or later. Update to version 10.2.0 or later.