CVE-2013-7335 – dotnetnuke.core

Package

Manager: nuget
Name: dotnetnuke.core
Vulnerable Version: >=0 <6.2.9 || >=7.0 <7.1.1

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00274 pctl0.50493

Details

DotNetNuke (DNN) Open redirect vulnerability Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Metadata

Created: 2022-05-17T04:49:44Z
Modified: 2023-08-29T18:14:44Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mj48-f959-pqph/GHSA-mj48-f959-pqph.json
CWE IDs: ["CWE-20", "CWE-601"]
Alternative ID: GHSA-mj48-f959-pqph
Finding: F156
Auto approve: 1