Vulnerabilities > Fordnn > Usersexportimport > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-21 | CVE-2019-19392 | Incorrect Default Permissions vulnerability in Fordnn Usersexportimport The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows an unprivileged user to import (create) new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data. | 7.5 |