PT-2026-5041 · Dnn · Dnn
Mojav3R
·
Published
2026-01-27
·
Updated
2026-02-02
·
CVE-2026-24836
CVSS v3.1
7.6
High
| Vector | AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
DNN (formerly DotNetNuke) versions 9.0.0 through 9.13.9
DNN (formerly DotNetNuke) versions 10.0.0 through 10.1.9
Description
DNN (formerly DotNetNuke) is an open-source web content management platform. Extensions could write rich text in log notes, potentially including scripts that execute within the PersonaBar when displayed.
Recommendations
Update to version 9.13.10 or later.
Update to version 10.2.0 or later.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dnn