dnnsoftware

Top products

The 15 most recently published vulnerabilities affecting dnnsoftware.

• CVE-2026-40321DotNetNuke.Core has stored cross-site-scripting (XSS) via SVG upload8.0Apr 17, 2026
• CVE-2026-40306DNN has same HostGUID for all new installs6.5Apr 17, 2026
• CVE-2026-40305DNN has Force Friend Request Acceptance4.3Apr 17, 2026
• CVE-2020-37103DotNetNuke 9.5 - Persistent Cross-Site Scripting6.4Feb 3, 2026
• CVE-2026-24838DotNetNuke.Core Vulnerable to Stored XSS via Module Title9.1Jan 27, 2026
• CVE-2026-24837DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation Modal7.6Jan 27, 2026
• CVE-2026-24836DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes7.6Jan 27, 2026
• CVE-2026-24833DotNetNuke.Core Vulnerable to Stored XSS in Module Description7.6Jan 27, 2026
• CVE-2026-24784DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer6.8Jan 27, 2026
• CVE-2025-64095DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite10.0Oct 28, 2025
• CVE-2025-64094DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload6.4Oct 28, 2025
• CVE-2025-62802DNN CKEditor Provider allows unauthenticated upload out-of-the-box4.3Oct 28, 2025
• CVE-2025-59548DNN Vulnerable to Reflected Cross-Site Scripting (XSS) in CKEditor File Browser6.1Sep 23, 2025
• CVE-2025-59547DNN's CKEditor File Uploader functionality vulnerable through Unicode obfuscation5.3Sep 23, 2025
• CVE-2025-59821DNN vulnerable to Reflected Cross-Site Scripting (XSS) using url to profile6.5Sep 23, 2025