CVE-2025-52486
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-52486
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-52486.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-52486
- Aliases
- Published
- 2025-06-21T03:15:24Z
- Modified
- 2025-07-29T11:10:59.043287Z
- Summary
- [none]
- Details
-
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows specially crafted content in URLs to be used with TokenReplace and not be properly sanitized by some SkinObjects. This issue has been patched in version 10.0.1.
- References
Affected packages
Git / github.com/dnnsoftware/dnn.platform
Affected ranges
- Type
- GIT
- Repo
- https://github.com/dnnsoftware/dnn.platform
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
10.*
10.0.0-rc3
v10.*
v10.0.0
v10.0.0-rc1
v10.0.0-rc2
v10.0.1-rc1
v10.0.1-rc2
v7.*
v7.2.1.367-stable
v7.3.2.109-stable
v9.*
v9.1.0
v9.10.0
v9.10.0-rc1
v9.10.0-rc2
v9.10.1
v9.10.1-rc1
v9.10.2
v9.10.2-rc1
v9.11.0
v9.11.0-rc1
v9.11.0-rc2
v9.11.0-rc3
v9.11.0-rc4
v9.11.0-rc5
v9.11.0-rc6
v9.11.0-rc7
v9.11.1
v9.11.1-rc1
v9.11.1-rc2
v9.11.1-rc3
v9.11.2
v9.11.2-rc1
v9.12.0
v9.12.0-rc1
v9.13.0
v9.13.0-rc1
v9.13.0-rc2
v9.13.0-rc3
v9.13.1
v9.13.1-rc1
v9.13.2
v9.13.2-rc1
v9.13.3
v9.13.3-rc1
v9.13.4
v9.13.4-rc1
v9.13.5
v9.13.5-rc1
v9.13.6
v9.13.6-rc1
v9.13.7
v9.13.7-rc1
v9.13.8
v9.13.8-rc1
v9.13.9
v9.13.9-rc1
v9.2.0
v9.2.1
v9.2.1-rc0
v9.2.1-rc1
v9.2.2
v9.2.2-rc0
v9.2.2-rc1
v9.2.2-rc2
v9.2.2-rc3
v9.3.0
v9.3.0-rc0
v9.3.0-rc1
v9.3.0-rc2
v9.3.1
v9.3.1-rc0
v9.3.2
v9.3.2-rc0
v9.4.0
v9.4.0-rc0
v9.4.0-rc1
v9.4.1
v9.4.1-rc1
v9.4.2
v9.4.2-rc1
v9.4.3
v9.4.3-rc1
v9.4.4
v9.4.4-rc1
v9.5.0
v9.5.0-rc1
v9.5.0-rc2
v9.5.1-rc1
v9.6.0
v9.6.0-rc1
v9.6.0-rc2
v9.6.0-rc3
v9.6.1
v9.6.1-rc1
v9.6.2
v9.6.2-rc1
v9.6.2-rc2
v9.6.2-rc3
v9.7.0
v9.7.0-rc1
v9.7.0-rc2
v9.7.1
v9.7.1-rc1
v9.7.2
v9.7.2-rc1
v9.8.0
v9.8.0-rc1
v9.8.0-rc2
v9.8.1
v9.8.1-rc1
v9.9.0
v9.9.0-rc1
v9.9.0-rc2
v9.9.1
v9.9.1-rc1