Vulnerabilities > Fordnn > Usersexportimport > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-21 CVE-2019-19392 Incorrect Default Permissions vulnerability in Fordnn Usersexportimport
The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows an unprivileged user to import (create) new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data.
network
low complexity
fordnn CWE-276
7.5