CRITICAL 9.1 NuGet
DotNetNuke.Core Vulnerable to Stored XSS via Module Title
GHSA-w9pf-h6m6-v89h · CVE-2026-24838
Published · Modified
Description
Module title supports richtext which could include scripts that would execute in certain scenarios.
References
- WEB https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-w9pf-h6m6-v89h
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-24838
- WEB https://github.com/dnnsoftware/Dnn.Platform/commit/4a4bcbcdf3cedbf702816f8168c4d51bf688f7f6
- PACKAGE https://github.com/dnnsoftware/Dnn.Platform
- WEB https://github.com/dnnsoftware/Dnn.Platform/releases/tag/v10.2.0
Ready to move
Start Securing
Free, no credit card | First findings in minutes