Security Advisories · dnnsoftware/Dnn.Platform · GitHub

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

NTLM hash leakage via SMB Share Interaction with malicious user input
GHSA-mgfv-2362-jq96 published Jun 20, 2025 by valadas

High
Possible Denial of Service (DoS) in DNN.PLATFORM registration
GHSA-vc6j-mcqj-rgfp published Apr 8, 2025 by valadas

Moderate
Possibly bypass of IP Filters
GHSA-fjhg-3mrh-mm7h published Jun 20, 2025 by valadas

High
Reflected Cross-Site Scripting (XSS) in some TokenReplace situations with SkinObjects
GHSA-pf4h-vrv6-cmvr published Jun 20, 2025 by valadas

Moderate
Stored Cross-Site Scripting (XSS) possible with svg files rendered inline
GHSA-m4hf-fxcg-cp34 published May 23, 2025 by valadas

Moderate
Stored Cross-Site Scripting (XSS) in Activity Feed
GHSA-wwc9-wmm3-2pmf published Jun 20, 2025 by valadas

Moderate
Reflected Cross-Site Scripting (XSS) in module actions in edit mode
GHSA-79m3-rvx2-3qq9 published May 23, 2025 by valadas

Moderate
Site Import could use an external source with a crafted request
GHSA-62mf-vhhw-xmf8 published May 23, 2025 by valadas

Low
A registered user may enumerate and access files they should not have access to
GHSA-vxcm-4rwh-chpc published Apr 8, 2025 by valadas

Moderate
Server-Side Request Forgery (SSRF) in DotNetNuke.Core
GHSA-3f7v-qx94-666m published Apr 8, 2025 by valadas

Moderate