Vulnerabilities > Dnnsoftware > Dotnetnuke > 9.8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-12 | CVE-2022-47053 | Cross-site Scripting vulnerability in Dnnsoftware Dotnetnuke An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file. | 5.4 |
| 2022-09-30 | CVE-2022-2922 | Path Traversal vulnerability in Dnnsoftware Dotnetnuke Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0. | 4.9 |
| 2022-07-20 | CVE-2021-31858 | Cross-site Scripting vulnerability in Dnnsoftware Dotnetnuke DotNetNuke (DNN) 9.9.1 CMS is vulnerable to a Stored Cross-Site Scripting vulnerability in the user profile biography section which allows remote authenticated users to inject arbitrary code via a crafted payload. | 5.4 |
| 2022-06-02 | CVE-2021-40186 | Server-Side Request Forgery (SSRF) vulnerability in Dnnsoftware Dotnetnuke The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within the DNN CMS platform, formerly known as DotNetNuke. | 7.5 |