Impact
The issue originates from DNN modules that allow rich text in their description field. That field can contain JavaScript, which executes for any user who opens the module in the Persona Bar. This stored XSS lets an attacker run arbitrary scripts in the victim's browser, steal session cookies, deface content, or perform further attacks against users of the CMS. The flaw is limited to the context of module description rendering and does not provide arbitrary code execution on the server.
Affected Systems
Vulnerable versions of DNN Platform (formerly DotNetNuke) are those before 9.13.10 for the 9.x series and before 10.2.0 for the 10.x series. The problem exists in the core platform code that renders module descriptions, affecting any site that uses the open‑source CMS in the Microsoft ecosystem.
Risk and Exploitability
The CVSS score of 7.7 categorizes the vulnerability as high severity. The EPSS score of less than 1% indicates a very low likelihood that it will be exploited in the wild, and the vulnerability is not yet listed in CISA's KEV catalog. Attackers would most commonly exploit the flaw by installing a malicious module or submitting a script-laden description through a privileged content-authoring interface. Any site that permits rich text in module descriptions is exposed, but access controls mitigate the risk: the necessary entry point is a privileged or misconfigured user account.
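The following added example (not from the advisory or from DNN Platform's code) applies the version bounds stated under Affected Systems and flags module descriptions that contain script-capable markup so they can be reviewed. The inventory shape (`version`, `modules[].name`, `modules[].description`), the pattern list and the sample data are assumptions constructed for illustration.

```javascript
// Added triage helper; not DNN Platform code. Fixed-version bounds are the
// ones the advisory states: 9.13.10 for 9.x and 10.2.0 for 10.x.
const FIXED = { 9: [9, 13, 10], 10: [10, 2, 0] };

function parseVersion(v) {
  const parts = String(v).trim().split(".").map(Number);
  if (parts.length < 2 || parts.some((n) => !Number.isInteger(n) || n < 0)) return null;
  while (parts.length < 3) parts.push(0);
  return parts.slice(0, 3);
}

// true = affected, false = fixed, null = advisory gives no bound (review by hand).
function isAffected(version) {
  const v = parseVersion(version);
  const fixed = v && FIXED[v[0]];
  if (!fixed) return null;
  for (let i = 0; i < 3; i++) {
    if (v[i] !== fixed[i]) return v[i] < fixed[i];
  }
  return false;
}

// Heuristic patterns for script-capable markup in a rich-text description.
// A hit means "inspect this module", not proof of compromise.
const ACTIVE_MARKUP = [
  { name: "script-element", re: /<\s*script\b/i },
  { name: "event-handler-attribute", re: /<[^>]*\son[a-z]+\s*=/i },
  { name: "javascript-url", re: /(?:href|src)\s*=\s*["']?\s*javascript:/i },
];

function activeMarkup(description) {
  return ACTIVE_MARKUP.filter((p) => p.re.test(description || "")).map((p) => p.name);
}
function triage(site) {
  const flagged = site.modules
    .map((m) => ({ module: m.name, findings: activeMarkup(m.description) }))
    .filter((m) => m.findings.length > 0);
  return { affected: isAffected(site.version), flagged };
}

// Constructed sample inventory (hypothetical module names and descriptions).
const sampleSite = {
  version: "9.13.9",
  modules: [
    { name: "EventsList", description: "<p>Shows <b>upcoming</b> events.</p>" },
    { name: "PromoBanner", description: '<img src="logo.png" onerror="/* constructed */">' },
  ],
};
console.log(JSON.stringify(triage(sampleSite), null, 2));
```

A flagged description on an affected version is the combination to prioritise; pattern matching of this kind misses obfuscated markup, so upgrading to a fixed release remains the actual remediation.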