PT-2026-5042 · Dotnetnuke · Dnn
Mojav3R
·
Published
2026-01-27
·
Updated
2026-02-02
·
CVE-2026-24837
CVSS v3.1
7.6
High
| Vector | AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
DNN (formerly DotNetNuke) versions 9.0.0 through 9.13.9
DNN (formerly DotNetNuke) versions 10.0.0 through 10.1.x
Description
DNN (formerly DotNetNuke) is an open-source web content management platform. A module friendly name can include scripts that execute during certain module operations within the Persona Bar.
Recommendations
Update to version 9.13.10 or later.
Update to version 10.2.0 or later.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dnn