CNNVD-202510-3767 Information

CNNVD ID

CNNVD-202510-3767

Related CVE

CVE-2025-62802

• CNNVD Published: 2025-10-28

Description (Chinese)

DNN（又名DotNetNuke）是美国DNN公司的一套由微软支持、基于ASP.NET平台的开源内容管理系统（CMS）。该系统具有易于安装、可扩展、功能丰富等特点。 DNN 10.1.1之前版本存在安全漏洞，该漏洞源于允许未经验证的用户上传文件，可能导致其他安全问题。

Description (English)

DNN (also known as DotNetNuke) is an open-source content management system (CMS) supported by Microsoft and based on the ASP.NET platform by United States DNN. The system has features that are easy to install, scalable and functional. The previous version of DNN 10.1.1 had a security loophole, which stemmed from allowing unverified users to upload documents, which could lead to other security problems.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

DNN

Published

2025-10-28

Last Modified

2026-02-24

References

https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-2374-6cvw-qmx6 https://access.redhat.com/security/cve/cve-2025-62802

Patch

https://www.dnnsoftware.com/