PT-2018-5156 · Dnn · Dnn
Published
2018-07-03
·
Updated
2025-08-26
·
CVE-2017-0929
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
DNN (aka DotNetNuke) versions prior to 9.2.0
Description
The issue allows attackers to access information about internal network resources due to a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class.
Recommendations
For versions prior to 9.2.0, update to version 9.2.0 or later to resolve the issue.
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dnn