Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1tajQ4LWY5NTktcHFwaM4AAesR
DotNetNuke (DNN) Open redirect vulnerability
Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Permalink: https://github.com/advisories/GHSA-mj48-f959-pqphJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1tajQ4LWY5NTktcHFwaM4AAesR
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 2 years ago
Updated: about 1 year ago
CVSS Score: 4.0
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
Identifiers: GHSA-mj48-f959-pqph, CVE-2013-7335
References:
- https://nvd.nist.gov/vuln/detail/CVE-2013-7335
- http://www.dnnsoftware.com/platform/manage/security-center
- http://www.securityfocus.com/bid/61809
- https://github.com/advisories/GHSA-mj48-f959-pqph
Affected Packages
nuget:DotNetNuke.Core
Dependent packages: 14Dependent repositories: 0
Downloads: 611,572 total
Affected Version Ranges: >= 7.0, < 7.1.1, < 6.2.9
Fixed in: 7.1.1, 6.2.9
All affected versions: 6.0.0, 7.0.0, 7.1.0
All unaffected versions: 7.1.2, 9.3.0, 9.3.1, 9.3.2, 9.4.0, 9.4.1, 9.4.2, 9.4.3, 9.4.4, 9.5.0, 9.6.1, 9.6.2, 9.7.0, 9.7.1, 9.7.2, 9.8.0, 9.9.0, 9.9.1, 9.10.0, 9.10.1, 9.10.2, 9.11.0, 9.11.1, 9.11.2, 9.12.0, 9.13.0, 9.13.1, 9.13.2, 9.13.3, 9.13.4, 9.13.5, 9.13.6