Launch Week Day 1: Announcing Security Design Review
Start for Free
HIGH 7.5 NuGet

High severity vulnerability that affects DotNetNuke.Core

GHSA-g8j6-m4p7-5rfq · CVE-2017-0929

Published · Modified

Description

DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes