CVE-2021-31858 Information

Description

DotNetNuke (DNN) 9.9.1 CMS is vulnerable to a Stored Cross-Site Scripting vulnerability in the user profile biography section which allows remote authenticated users to inject arbitrary code via a crafted payload.

Reference

https://labs.integrity.pt/advisories/cve-2021-31858/ https://www.dnnsoftware.com/community/security/security-center