CVE Details
Basic Information
| Title |
CVE-2025-48377 |
| Type |
cve |
| Published |
2025-05-23T16:15:27 |
| Last Seen |
2025-05-23T16:29:36 |
CVSS Information
| Base Score |
0.0 () |
| Attack Vector |
|
| Attack Complexity |
|
| Privileges Required |
|
| User Interaction |
|
| Scope |
|
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A vulnerability in DNN (DotNetNuke) CMS allows cross-site scripting (XSS) attacks via specially crafted URLs, potentially injecting malicious scripts into user sessions and stealing data. |
| AI Severity |
Medium |
| Vendor |
DNN Software |
| Product |
DNN (DotNetNuke) |
| Affected Version |
Versions prior to 9.13.9 |
Additional Information
| CVE List |
CVE-2025-48377 |
| CWE List |
CWE-79 |
| Bulletin Family |
cve |
Description
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, a specially crafted URL may be constructed which can inject an XSS payload…
CVSS Score Summary
Base Score: %!f(string=#) ()
View Full CVE Details
