DotNetNuke.Core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
GHSA-FCPV-W245-R2Q7LowDotNetNuke.Core: DotNetNuke.Core security code analysis rules triggeredCVE-2026-40306MediumDotNetNuke.Core: DNN: Same HostGUID for all new installsCVE-2026-40305MediumDotNetNuke.Core: DNN: Force Friend Request AcceptanceCVE-2026-40321HighDotNetNuke.Core: DotNetNuke.Core has stored cross-site-scripting (XSS) via SVG uploadCVE-2026-24838CriticalDotNetNuke.Core: DotNetNuke.Core Vulnerable to Stored XSS via Module TitleCVE-2026-24837HighDotNetNuke.Core: DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation ModalCVE-2026-24836HighDotNetNuke.Core: DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotesCVE-2026-24784MediumDotNetNuke.Core: DotNetNuke.Core has a potential XSS vulnerability in modules' header and footerCVE-2025-64094MediumDotNetNuke.Core: DNN vulnerable to stored cross-site-scripting (XSS) via SVG uploadCVE-2025-59821MediumDotNetNuke.Core: DNN vulnerable to Reflected Cross-Site Scripting (XSS) using url to profileCVE-2025-59546LowDotNetNuke.Core: DNN Vulnerable to Stored XSS Using Backend Admin CredentialsCVE-2025-59545CriticalDotNetNuke.Core: DNN Vulnerable to Stored Cross-Site Scripting (XSS) in the Prompt moduleCVE-2025-59539MediumDotNetNuke.Core: DNN affected by Stored Cross-Site Scripting (XSS) in Profile Biography fieldCVE-2025-59535MediumDotNetNuke.Core: DNN allows loading unused themes on anonymous clients through query parametersCVE-2025-48378MediumDotNetNuke.Core: DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inlineCVE-2025-48377MediumDotNetNuke.Web: Reflected Cross-Site Scripting (XSS) in module actions in edit modeCVE-2025-32372MediumDotNetNuke.Core: DotNetNuke.Core Vulnerable to Server-Side Request Forgery (SSRF)CVE-2022-2922MediumDotNetNuke.Core: DNN vulnerable to Relative Path TraversalCVE-2020-5187HighDotNetNuke.Core: DNN Path Traversal via Zip SlipCVE-2020-5188MediumDotNetNuke.Core: DNN File Upload VulnerabilityCVE-2020-5186MediumDotNetNuke.Core: DNN XSS VulnerabilityCVE-2013-7335MediumDotNetNuke.Core: DotNetNuke (DNN) Open redirect vulnerability CVE-2013-4649MediumDotNetNuke.Core: DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameterCVE-2008-6540MediumDotNetNuke.Core: DotNetNuke Default Machine Key ExposureCVE-2018-14486MediumDotNetNuke.Core: DNN XSS Vulnerability

Stop the waste.
Protect your environment with Kodem.