CVE-2005-0040 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in DotNetNuke before 3.0.12 allow remote attackers to inject arbitrary web script or HTML via the (1) register a new user page (2) User-Agent or (3) Username which is not properly quoted before sending to the error log.

Reference

http://marc.info/?l=bugtraq&m=111627180518591&w=2 http://secunia.com/advisories/15397 http://www.securityfocus.com/bid/13644 http://www.securityfocus.com/bid/13646 http://www.securityfocus.com/bid/13647 http://www.woany.co.uk/advisories/dotnetnukexss.txt

Share on: