GHSA-h595-8pw6-5q6v

Source

https://github.com/advisories/GHSA-h595-8pw6-5q6v

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/07/GHSA-h595-8pw6-5q6v/GHSA-h595-8pw6-5q6v.json

Aliases

• CVE-2018-15811

Published

2019-07-05T21:08:36Z

Modified

2023-11-08T03:59:58.475890Z

Details

DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.

References

• https://nvd.nist.gov/vuln/detail/CVE-2018-15811
• https://github.com/dnnsoftware/Dnn.Platform/releases
• https://www.dnnsoftware.com/community/security/security-center
• http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html