Package impact
NuGet / DotNetNuke.Core
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2015-2794 | critical | 9.8 | 9.8 | 9y ago | The installation wizard in DotNetNuke (DNN) allows privilege escalation | |
| CVE-2016-7119 | medium | 5.4 | 5.4 | 10y ago | Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN) | |
| CVE-2015-1566 | medium | — | 4.3 | 12y ago | Moderate severity vulnerability that affects DotNetNuke.Core | |
| CVE-2013-7335 | medium | — | 4.3 | 12y ago | DotNetNuke (DNN) Open redirect vulnerability | |
| CVE-2013-4649 | medium | — | 4.3 | 12y ago | DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter |