CVE-2013-7335
medium
CVSS v3
—
CVSS v2
4.3
VIR risk
4.3
Description
DotNetNuke (DNN) Open redirect vulnerability
Predictions
Exploit likelihood
30%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://www.dnnsoftware.com/platform/manage/security-center
Vendor advisory: cve@mitre.org — http://secunia.com/advisories/53493
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| NuGet | DotNetNuke.Core | <6.2.9 | 6.2.9 |
| NuGet | DotNetNuke.Core | >=7.0,<7.1.1 | 7.1.1 |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| dnnsoftware | dotnetnuke | {"endIncluding":"6.2.8"} | |
| dnnsoftware | dotnetnuke | 1.0.6 | |
| dnnsoftware | dotnetnuke | 1.0.7 | |
| dnnsoftware | dotnetnuke | 1.0.8 | |
| dnnsoftware | dotnetnuke | 1.0.9 | |
| dnnsoftware | dotnetnuke | 1.0.10d | |
| dnnsoftware | dotnetnuke | 1.0.10e | |
| dnnsoftware | dotnetnuke | 2.1.1 | |
| dnnsoftware | dotnetnuke | 2.1.2 | |
| dnnsoftware | dotnetnuke | 3.0.7 | |
| dnnsoftware | dotnetnuke | 3.0.8 | |
| dnnsoftware | dotnetnuke | 3.0.11 | |
| dnnsoftware | dotnetnuke | 3.1.0 | |
| dnnsoftware | dotnetnuke | 3.3.5 | |
| dnnsoftware | dotnetnuke | 4.0 | |
| dnnsoftware | dotnetnuke | 4.3.5 | |
| dnnsoftware | dotnetnuke | 4.4.1 | |
| dnnsoftware | dotnetnuke | 4.5.2 | |
| dnnsoftware | dotnetnuke | 4.5.4 | |
| dnnsoftware | dotnetnuke | 4.5.5 | |
| dnnsoftware | dotnetnuke | 4.6.0 | |
| dnnsoftware | dotnetnuke | 4.6.1 | |
| dnnsoftware | dotnetnuke | 4.6.2 | |
| dnnsoftware | dotnetnuke | 4.7.0 | |
| dnnsoftware | dotnetnuke | 4.8.0 | |
| dnnsoftware | dotnetnuke | 4.8.1 | |
| dnnsoftware | dotnetnuke | 4.8.2 | |
| dnnsoftware | dotnetnuke | 4.8.3 | |
| dnnsoftware | dotnetnuke | 4.8.4 | |
| dnnsoftware | dotnetnuke | 4.9 | |
| dnnsoftware | dotnetnuke | 4.9.1 | |
| dnnsoftware | dotnetnuke | 4.9.2 | |
| dnnsoftware | dotnetnuke | 5.0 | |
| dnnsoftware | dotnetnuke | 5.1 | |
| dnnsoftware | dotnetnuke | 5.1.1 | |
| dnnsoftware | dotnetnuke | 5.1.2 | |
| dnnsoftware | dotnetnuke | 5.1.3 | |
| dnnsoftware | dotnetnuke | 5.1.4 | |
| dnnsoftware | dotnetnuke | 5.05.01 | |
| dnnsoftware | dotnetnuke | 5.06.00 | |
| dnnsoftware | dotnetnuke | 6.0.0 | |
| dnnsoftware | dotnetnuke | 6.0.1 | |
| dnnsoftware | dotnetnuke | 6.0.2 | |
| dnnsoftware | dotnetnuke | 6.1.0 | |
| dnnsoftware | dotnetnuke | 6.1.1 | |
| dnnsoftware | dotnetnuke | 6.1.2 | |
| dnnsoftware | dotnetnuke | 6.1.3 | |
| dnnsoftware | dotnetnuke | 6.1.4 | |
| dnnsoftware | dotnetnuke | 6.1.5 | |
| dnnsoftware | dotnetnuke | 6.2.0 | |
| dnnsoftware | dotnetnuke | 6.2.1 | |
| dnnsoftware | dotnetnuke | 6.2.2 | |
| dnnsoftware | dotnetnuke | 6.2.3 | |
| dnnsoftware | dotnetnuke | 6.2.4 | |
| dnnsoftware | dotnetnuke | 6.2.5 | |
| dnnsoftware | dotnetnuke | 6.2.6 | |
| dnnsoftware | dotnetnuke | 6.2.7 | |
| dnnsoftware | dotnetnuke | 7.0.0 | |
| dnnsoftware | dotnetnuke | 7.0.1 | |
| dnnsoftware | dotnetnuke | 7.0.2 | |
| dnnsoftware | dotnetnuke | 7.0.3 | |
| dnnsoftware | dotnetnuke | 7.0.4 | |
| dnnsoftware | dotnetnuke | 7.0.5 | |
| dnnsoftware | dotnetnuke | 7.0.6 | |
| dnnsoftware | dotnetnuke | 7.1.0 | |
References
CWEs
CWE-20
Verify integrity in audit chain (admin only). AS-IS.