Launch Week Day 1: Announcing Security Design Review
Start for Free
MEDIUM 6.9 NuGet

DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer

GHSA-jjwg-4948-6wxp · CVE-2026-24784

Published · Modified

Description

A content editor could inject scripts in module headers/footers that would run for other users.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes