Provides basic references to the DotNetNuke.dll to develop extensions for the DNN Platform. For MVC or WebAPI please see other packages available as well
Path to dependency file: /Modules/PageSettingsEditor/Upendo.Modules.PageSettingsEditor.csproj
Path to vulnerable library: /tmp/ws-ua_20230717013228_GHGMMD/dotnet_DIMSSU/20230717013228/DotNetNuke.Core.9.9.0/DotNetNuke.Core.9.9.0.nupkg,/tmp/ws-ua_20230717013228_GHGMMD/dotnet_DIMSSU/20230717013228/dotnetnuke.core/9.9.0/dotnetnuke.core.9.9.0.nupkg
CVE-2020-5186 - Medium Severity Vulnerability
Provides basic references to the DotNetNuke.dll to develop extensions for the DNN Platform. For MVC or WebAPI please see other packages available as well
Library home page: https://api.nuget.org/packages/dotnetnuke.core.9.9.0.nupkg
Path to dependency file: /Modules/PageSettingsEditor/Upendo.Modules.PageSettingsEditor.csproj
Path to vulnerable library: /tmp/ws-ua_20230717013228_GHGMMD/dotnet_DIMSSU/20230717013228/DotNetNuke.Core.9.9.0/DotNetNuke.Core.9.9.0.nupkg,/tmp/ws-ua_20230717013228_GHGMMD/dotnet_DIMSSU/20230717013228/dotnetnuke.core/9.9.0/dotnetnuke.core.9.9.0.nupkg
Dependency Hierarchy: - :x: **dotnetnuke.core.9.9.0.nupkg** (Vulnerable Library)
Found in HEAD commit: 8727e4bba1fb8bb6a2721c00a891d080c7f11b90
Found in base branch: main
DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2).
Publish Date: 2020-02-24
URL: CVE-2020-5186
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: Low - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here.Step up your Open Source Security Game with Mend here