Vulnerability Database
Blog
FAQ
Docs
GHSA-h595-8pw6-5q6v
Source
https://github.com/advisories/GHSA-h595-8pw6-5q6v
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/07/GHSA-h595-8pw6-5q6v/GHSA-h595-8pw6-5q6v.json
Aliases
CVE-2018-15811
Published
2019-07-05T21:08:36Z
Modified
2023-11-08T03:59:58.475890Z
Details
DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.
References
https://nvd.nist.gov/vuln/detail/CVE-2018-15811
https://github.com/dnnsoftware/Dnn.Platform/releases
https://www.dnnsoftware.com/community/security/security-center
http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html
Affected packages
NuGet
/
DotNetNuke.Core
Package
Name
DotNetNuke.Core
Affected ranges
Type
ECOSYSTEM
Events
Introduced
9.2.0
Fixed
9.2.2
Affected versions
9.*
9.2.0.366
9.2.1.533
GHSA-h595-8pw6-5q6v - OSV