Dotnetnuke.core
This hub aggregates every CVE we track for Dotnetnuke.core, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
32
CVEs tracked
3
Critical
9
High
3
In CISA KEV
Severity distribution
MEDIUM19HIGH9CRITICAL3LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
1
2
0
0
0
5
1
0
0
4
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Dotnetnuke.core.
- CVE-2026-24838DotNetNuke.Core Vulnerable to Stored XSS via Module Title9.1
- CVE-2026-24837DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation Modal7.6
- CVE-2026-24836DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes7.6
- CVE-2026-24784DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer6.8
- CVE-2025-64094DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload6.4
- CVE-2025-59821DNN vulnerable to Reflected Cross-Site Scripting (XSS) using url to profile6.5
- CVE-2025-59546DNN Vulnerable to Stored XSS Using Backend Admin Credentials2.4
- CVE-2025-59545DNN Vulnerable to Stored Cross-Site Scripting (XSS) in the Prompt module9.0
- CVE-2025-59539DNN affected by Stored Cross-Site Scripting (XSS) in Profile Biography field6.3
- CVE-2025-59535DotNetNuke.Core allows loading of unused themes on anonymous clients through query parameters6.5
- CVE-2025-48377Dnn.Platform vulnerable to Reflected Cross-Site Scripting (XSS) in module actions in edit mode5.4
- CVE-2025-48378Dnn.Platform vulnerable to Stored Cross-Site Scripting (XSS) with svg files rendered inline5.4
- CVE-2025-32372Server-Side Request Forgery (SSRF) in DotNetNuke.Core6.5
- CVE-2022-2922Relative Path Traversal in dnnsoftware/dnn.platform4.9
- CVE-2020-5186DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2).5.4
Product normalization is registry-driven with AI assist and human review. How it works