Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Mon, 15 Sep 2025 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dnnsoftware dotnetnuke
|
|
CPEs | cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:* | |
Vendors & Products |
Dnnsoftware dotnetnuke
|
|
Metrics |
cvssV3_1
|
Mon, 23 Jun 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sat, 21 Jun 2025 03:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows specially crafted content in URLs to be used with TokenReplace and not be properly sanitized by some SkinObjects. This issue has been patched in version 10.0.1. | |
Title | DNN.PLATFORM Allows Reflected Cross-Site Scripting (XSS) in some TokenReplace situations with SkinObjects | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-06-23T17:46:16.027Z
Reserved: 2025-06-17T02:28:39.718Z
Link: CVE-2025-52486

Updated: 2025-06-23T17:46:11.124Z

Status : Analyzed
Published: 2025-06-21T03:15:24.507
Modified: 2025-09-15T15:40:46.907
Link: CVE-2025-52486

No data.

Updated: 2025-06-27T14:10:58Z