Launch Week Day 1: Announcing Security Design Review
Start for Free
HIGH 7.6 NuGet

DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation Modal

GHSA-vm5q-8qww-h238 · CVE-2026-24837

Published · Modified

Description

A module friendly name could include scripts that will run during some module operations in the Persona Bar.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes